CVE-2018-5743

HIGH

BIND <9.10.8-P1-9.11.6-9.12.0 - DoS

Description

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit.

Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.

References (3)

Third Party Advisory x_refsource_confirm
https://kb.isc.org/docs/cve-2018-5743

Scores

CVSS v3: 7.5
EPSS: 0.0569
EPSS Percentile: 90.5%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE: CWE-770
Status: published

Products (34)
f5/big-ip_access_policy_manager 15.0.0
f5/big-ip_access_policy_manager 11.5.2 - 11.6.5
f5/big-ip_advanced_firewall_manager 15.0.0
f5/big-ip_advanced_firewall_manager 11.5.2 - 11.6.5
f5/big-ip_analytics 15.0.0
f5/big-ip_analytics 11.5.2 - 11.6.5
f5/big-ip_application_acceleration_manager 15.0.0
f5/big-ip_application_acceleration_manager 11.5.2 - 11.6.5
f5/big-ip_application_security_manager 15.0.0
f5/big-ip_application_security_manager 11.5.2 - 11.6.5
... and 24 more

Published: Oct 09, 2019
Tracked Since: Feb 18, 2026