CVE-2019-6467 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-6467 REJECTED

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.

EPSS 17.22% · 95.0th percentile

Risk Scores

EPSS Score

17.22%

95.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	bind9	1:9.11.3+dfsg-1ubuntu1.3, 1:9.11.3+dfsg-1ubuntu1.2, 1:9.11.3+dfsg-1ubuntu1.1
Ubuntu:14.04:LTS	bind9	1:9.9.5.dfsg-3ubuntu0.5, 1:9.9.5.dfsg-3ubuntu0.6, 1:9.9.5.dfsg-3ubuntu0.7
Ubuntu:16.04:LTS	bind9	1:9.10.3.dfsg.P4-8, 1:9.10.3.dfsg.P4-8ubuntu1, 1:9.10.3.dfsg.P4-8ubuntu1.1

Timeline

Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 5, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Jul 7, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2019-6467 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2019-6467 third-party-advisory

Open in Interactive Console →