vulnerability

Ubuntu: (Multiple Advisories) (CVE-2017-3143): bind9 vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jun 29, 2017	Jul 1, 2017	Mar 27, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jun 29, 2017

Added

Jul 1, 2017

Modified

Mar 27, 2026

Description

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

Solution

ubuntu-upgrade-bind9

References

CVE-2017-3143
https://attackerkb.com/topics/CVE-2017-3143
DEBIAN-DSA-3904
EUVD-EUVD-2017-12284
NVD-CVE-2017-3143
UBUNTU-USN-3346-1
UBUNTU-USN-3346-2
UBUNTU-USN-3346-3
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-12284

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report