GCVE - cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*

part: a version: 9.9.0 update: p1

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.164176
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.164177

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-3143`	vulnerable	2026-06-03 14:37:09.647110	An error in TSIG authentication can permit unauthorized dynamic updates HIGH (7.5) An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-16T16:14:21.796Z Open on db.gcve.eu Reference links https://kb.isc.org/docs/aa-01503 https://access.redhat.com/errata/RHSA-2017:1680 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us https://access.redhat.com/errata/RHSA-2017:1679 http://www.securitytracker.com/id/1038809	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3142`	vulnerable	2026-06-03 14:37:09.643040	An error in TSIG authentication can permit unauthorized zone transfers MEDIUM (5.3) An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-16T17:08:46.835Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2017:1680 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us https://access.redhat.com/errata/RHSA-2017:1679 http://www.securityfocus.com/bid/99339 http://www.securitytracker.com/id/1038809	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3136`	vulnerable	2026-06-03 14:37:09.599124	An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" MEDIUM (5.9) A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-17T00:51:35.181Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2017:1095 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180802-0002/ https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us https://www.debian.org/security/2017/dsa-3854	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.