Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2019-6465: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

SUSE: CVE-2019-6465: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
02/22/2019
Created
06/06/2019
Added
06/04/2019
Modified
02/04/2022

Description

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.

Solution(s)

  • suse-upgrade-bind
  • suse-upgrade-bind-chrootenv
  • suse-upgrade-bind-devel
  • suse-upgrade-bind-devel-32bit
  • suse-upgrade-bind-doc
  • suse-upgrade-bind-libs
  • suse-upgrade-bind-libs-32bit
  • suse-upgrade-bind-lwresd
  • suse-upgrade-bind-utils
  • suse-upgrade-libbind9-160
  • suse-upgrade-libbind9-160-32bit
  • suse-upgrade-libbind9-1600
  • suse-upgrade-libdns1605
  • suse-upgrade-libdns169
  • suse-upgrade-libdns169-32bit
  • suse-upgrade-libirs-devel
  • suse-upgrade-libirs160
  • suse-upgrade-libirs160-32bit
  • suse-upgrade-libirs1601
  • suse-upgrade-libisc1606
  • suse-upgrade-libisc166
  • suse-upgrade-libisc166-32bit
  • suse-upgrade-libisccc160
  • suse-upgrade-libisccc160-32bit
  • suse-upgrade-libisccc1600
  • suse-upgrade-libisccfg160
  • suse-upgrade-libisccfg160-32bit
  • suse-upgrade-libisccfg1600
  • suse-upgrade-liblwres160
  • suse-upgrade-liblwres160-32bit
  • suse-upgrade-libns1604
  • suse-upgrade-python-bind
  • suse-upgrade-python3-bind

References

  • SUSE-SU-2019:1406-2
  • SUSE-SU-2019:1407-1
  • SUSE-SU-2019:14074-1
  • SUSE-SU-2019:1449-1
  • SUSE-SU-2019:2502-1
  • CVE-2019-6465
  • USN-3893-1
  • USN-3893-2
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;