{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T10:43:05.844","vulnerabilities":[{"cve":{"id":"CVE-2017-3138","sourceIdentifier":"security-officer@isc.org","published":"2019-01-16T20:29:00.407","lastModified":"2024-11-21T03:24:54.743","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9."},{"lang":"es","value":"named contiene una característica que permite que los operadores envíe comandos a un servidor en ejecución comunicándose con el proceso del servidor mediante un canal de control utilizando un programa como rndc.  Una regresión empleada en un cambio de características reciente ha creado una situación en la cual algunas versiones de named pueden cerrarse con un error de aserción de REQUIRE si se le envía una cadena de comandos null. Afecta a BIND desde la versión 9.9.9 hasta la 9.9.9-P7, desde la versión 9.9.10b1 hasta la 9.9.10rc2, desde la versión 9.10.4 hasta la 9.10.4-P7, desde la versión 9.10.5b1 hasta la 9.10.5rc2, desde la versión 9.10.5b1 hasta la 9.10.5rc2, desde la versión 9.11.0 hasta la 9.11.0-P4, desde la versión 9.11.1b1 hasta la 9.11.1rc2 y desde la versión 9.9.9-S1 hasta 9.9.9-S9."}],"metrics":{"cvssMetricV30":[{"source":"security-officer@isc.org","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:N/A:P","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:*:*:*:*:*:*:*","matchCriteriaId":"AECB4D34-0D20-46C5-A389-0296EF60E795"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*","matchCriteriaId":"376915CA-6BDB-423E-B216-64B098344DD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p2:*:*:*:*:*:*","matchCriteriaId":"03215B90-9860-4CB4-B7D2-3DF045B129EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*","matchCriteriaId":"88335D70-E98B-469E-A2E7-1958EB5F10DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*","matchCriteriaId":"795DA9EE-489D-402E-8427-C9E3650BA1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*","matchCriteriaId":"012A3C08-2A0F-4168-9DE0-F609707E4C2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p6:*:*:*:*:*:*","matchCriteriaId":"2BDE2752-E5CD-4AE6-A404-2C209F942B7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:p7:*:*:*:*:*:*","matchCriteriaId":"0387826C-AE6B-44C8-9888-4088CF66D78C"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*","matchCriteriaId":"21FBF6B7-BA47-46AC-B7EB-3A3A2E985BFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*","matchCriteriaId":"7132A53F-7DF2-4B79-AC86-75A0C73843B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*","matchCriteriaId":"9C8F0163-FF32-44E0-B05C-F89263CD56A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*","matchCriteriaId":"94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.9.10:rc2:*:*:*:*:*:*","matchCriteriaId":"BFF50431-599D-40DD-A2B3-30A6D5652FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:*:*:*:*:*:*:*","matchCriteriaId":"3E76DCB3-8063-415D-A774-9191E69E6980"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*","matchCriteriaId":"BB2D2132-62E8-4E73-A0BF-4790DAFC5558"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*","matchCriteriaId":"E253BD9F-25B8-42E7-BEAB-E843381ED155"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*","matchCriteriaId":"6B5E42E5-27C6-4D6F-B7DC-903B10BF2017"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*","matchCriteriaId":"7E211374-A4F5-41D4-A89E-E6522E9D0DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*","matchCriteriaId":"21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*","matchCriteriaId":"70586A2A-AA52-48F5-B2B0-390CA77807E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.4:p7:*:*:*:*:*:*","matchCriteriaId":"060E10B1-5501-4BD0-A148-B04C56D499F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*","matchCriteriaId":"8C5A0370-9490-40CC-84E8-EEE95A6F233B"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*","matchCriteriaId":"CEC78396-4667-4A45-8DBD-0D0C2AAE1549"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.10.5:rc2:*:*:*:*:*:*","matchCriteriaId":"1CD813E5-0C4A-4B55-A1B9-9C5C6C2504D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*","matchCriteriaId":"3160C5ED-75EA-47B2-998E-EDFC46B37DDA"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*","matchCriteriaId":"086C327B-DF9F-4D4E-A538-1E29FEDC34C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*","matchCriteriaId":"1440B408-76B6-4FA7-899D-E28049A37704"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*","matchCriteriaId":"4D50373F-C1C4-4EC9-B94F-854C3444717D"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.0:p4:*:*:*:*:*:*","matchCriteriaId":"6658F26D-C088-4470-8AFD-58BB54201C87"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.1:b1:*:*:*:*:*:*","matchCriteriaId":"A923D26C-3BE1-492E-99CF-1BB14D8A6388"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*","matchCriteriaId":"EEA791E2-27E0-49C5-9823-0C57647C788F"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:9.11.1:rc2:*:*:*:*:*:*","matchCriteriaId":"4E654717-4EF6-4397-A637-A9789CD5D1D6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*","matchCriteriaId":"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*","matchCriteriaId":"85DF4B3F-4BBC-42B7-B729-096934523D63"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*","matchCriteriaId":"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/97657","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038260","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://kb.isc.org/docs/aa-01471","source":"security-officer@isc.org","tags":["Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201708-01","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20180802-0002/","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3854","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/97657","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038260","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://kb.isc.org/docs/aa-01471","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201708-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20180802-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2017/dsa-3854","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}