In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zones content could abuse these unintended additional privileges to update other contents of the zone.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Bind | Isc | 9.9.12 (including) | 9.9.13 (including) |
Bind | Isc | 9.10.7 (including) | 9.10.8 (including) |
Bind | Isc | 9.11.3 (including) | 9.11.21 (including) |
Bind | Isc | 9.12.1 (including) | 9.16.5 (including) |
Bind | Isc | 9.17.0 (including) | 9.17.3 (including) |