{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T15:23:52.725","vulnerabilities":[{"cve":{"id":"CVE-2018-5740","sourceIdentifier":"security-officer@isc.org","published":"2019-01-16T20:29:01.017","lastModified":"2024-11-21T04:09:17.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2."},{"lang":"es","value":"\"deny-answer-aliases\" es una característica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un método para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta característica hace que sea sencillo experimentar un fallo de aserción en name.c. Afecta a BIND desde la versión 9.7.0 hasta la versión 9.8.8, desde la versión 9.9.0 hasta la versión 9.9.13, desde la versión 9.10.0 hasta la versión 9.10.8, desde la versión 9.11.0 hasta la versión 9.11.4, desde la versión 9.12.0 hasta la versión 9.12.2 y desde la versión 9.13.0 hasta la versión 9.13.2."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"security-officer@isc.org","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.7.0","versionEndExcluding":"9.8.8","matchCriteriaId":"DCCA7B30-3344-4718-8B34-FE60CCE4487C"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.9.0","versionEndExcluding":"9.9.13","matchCriteriaId":"7F17A1AB-48E7-48B7-97CC-BD270649F856"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.10.0","versionEndExcluding":"9.10.8","matchCriteriaId":"EF340133-E86A-4A6D-9775-E66B46829700"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.11.0","versionEndExcluding":"9.11.4","matchCriteriaId":"94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.12.0","versionEndExcluding":"9.12.2","matchCriteriaId":"5464FDED-E02B-486F-8699-CB7B9D623A59"},{"vulnerable":true,"criteria":"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","versionStartIncluding":"9.13.0","versionEndExcluding":"9.13.2","matchCriteriaId":"0484A7C1-5E99-49A6-BE21-BB201D2D0EFA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"B353CE99-D57C-465B-AAB0-73EF581127D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","matchCriteriaId":"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","matchCriteriaId":"BF77CDCF-B9C9-427D-B2BF-36650FB2148C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*","matchCriteriaId":"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","matchCriteriaId":"8D305F7A-D159-4716-AB26-5E38BB5CD991"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*","matchCriteriaId":"F480AA32-841A-4E68-9343-B2E7548B0A0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","matchCriteriaId":"F1E78106-58E6-4D59-990F-75DA575BFAD9"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","matchCriteriaId":"B620311B-34A3-48A6-82DF-6F078D7A4493"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","matchCriteriaId":"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html","source":"security-officer@isc.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html","source":"security-officer@isc.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/105055","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041436","source":"security-officer@isc.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2570","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2571","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://kb.isc.org/docs/aa-01639","source":"security-officer@isc.org","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html","source":"security-officer@isc.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201903-13","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20180926-0003/","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3769-1/","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3769-2/","source":"security-officer@isc.org","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/105055","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041436","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2570","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2571","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://kb.isc.org/docs/aa-01639","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/201903-13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20180926-0003/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3769-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3769-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}