Allele Security Alert
ASA-2019-00233
Identifier(s)
ASA-2019-00233, CVE-2019-6468
Title
Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used
Vendor(s)
Internet Systems Consortium (ISC)
Product(s)
BIND
Affected version(s)
BIND Supported Preview Edition 9.10.5-S1 to 9.11.5-S5
Fixed version(s)
BIND Supported Preview Edition 9.11.5-S6
BIND Supported Preview Edition 9.11.6-S1
Proof of concept
Unknown
Description
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure.
Technical details
Unknown
Credits
Unknown
Reference(s)
CVE-2019-6468: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used
https://kb.isc.org/docs/cve-2019-6468
CVE-2019-6468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6468
CVE-2019-6468
https://nvd.nist.gov/vuln/detail/CVE-2019-6468
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: April 27, 2019