Red Hat Bugzilla – Bug 1589616
CVE-2018-5738 bind: Improper handling of configuration allows all clients to perform recursive queries
Last modified: 2018-06-19 18:23:35 EDT
BIND was found to not properly handle certain configuration options, unintentionally permiting all clients to perform recursive queries. This occurs when "recursion yes;" is in effect and no match list values are provided for "allow-query-cache" or "allow-query" for the setting of "allow-recursion" to inherit a setting of all hosts from the "allow-query" setting default. The permitting of recursive queries to unauthorized clients can allow for: * Increase the load on a server, possibly degrading service to authorized clients. * A server to being co-opted for use in DNS reflection attacks. * An attacker may be able to deduce which queries a server has previously serviced by examining the results of queries answered from the cache, potentially leaking private information about what queries have been performed. This affects the following versions: * 9.9.12 * 9.10.7 * 9.11.3 * 9.12.0 to 9.12.1-P2 * 9.13.0
The flaw was introduced via the following upstream commit: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=89636d8f305956ad42e95a988502c7345e85ffe1 This change has not yet been included in any bind in Red Hat Enterprise Linux.
External Reference: https://kb.isc.org/article/AA-01616/0/CVE-2018-5738
Acknowledgments: Name: ISC
Created bind tracking bugs for this issue: Affects: fedora-all [bug 1590580] Created bind99 tracking bugs for this issue: Affects: fedora-all [bug 1590579]