CVE-2017-3141

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
LOCAL
HIGH
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
iscbind
9.2.6 ≤
𝑥
≤ 9.2.9
iscbind
9.3.2 ≤
𝑥
≤ 9.3.6
iscbind
9.4.0 ≤
𝑥
≤ 9.8.8
iscbind
9.9.0 ≤
𝑥
≤ 9.9.10
iscbind
9.10.0 ≤
𝑥
≤ 9.10.5
iscbind
9.11.0 ≤
𝑥
≤ 9.11.1
iscbind
9.2.6:p2
iscbind
9.3.2:p1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u1
fixed
sid
1:9.20.2-1
fixed
trixie
1:9.20.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
trusty
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bind
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-chrootenv
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
bind-devel
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
bind-doc
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
bind-utils
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise desktop 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise desktop 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise desktop 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise sap 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise sap 15 SP7
9.20.3-150700.1.6
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise server 15 SP6
9.18.24-150600.1.5
fixed
suse enterprise server 15 SP7
9.20.3-150700.1.6
fixed
libbind9-160
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libbind9-1600
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
libdns1605
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libdns169
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libirs-devel
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libirs160
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libirs1601
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libisc1606
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
libisc166
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libisccc160
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libisccc1600
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
libisccfg160
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libisccfg1600
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise desktop 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise desktop 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise sap 15 SP7
9.16.6-150300.22.50.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP6
9.16.6-150300.22.41.1
fixed
suse enterprise server 15 SP7
9.16.6-150300.22.50.1
fixed
liblwres160
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
libns1604
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP5
9.16.6-150300.22.27.1
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP5
9.16.6-150300.22.27.1
fixed
python3-bind
suse enterprise desktop 15
9.11.2-10.4
fixed
suse enterprise desktop 15 SP1
9.11.2-12.8.1
fixed
suse enterprise desktop 15 SP2
9.11.2-12.13.2
fixed
suse enterprise desktop 15 SP3
9.16.6-20.39
fixed
suse enterprise desktop 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise desktop 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise sap 15
9.11.2-10.4
fixed
suse enterprise sap 15 SP1
9.11.2-12.8.1
fixed
suse enterprise sap 15 SP2
9.11.2-12.13.2
fixed
suse enterprise sap 15 SP3
9.16.6-20.39
fixed
suse enterprise sap 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise sap 15 SP5
9.16.38-150400.5.20.2
fixed
suse enterprise server 15
9.11.2-10.4
fixed
suse enterprise server 15 SP1
9.11.2-12.8.1
fixed
suse enterprise server 15 SP2
9.11.2-12.13.2
fixed
suse enterprise server 15 SP3
9.16.6-20.39
fixed
suse enterprise server 15 SP4
9.16.20-150400.3.6
fixed
suse enterprise server 15 SP5
9.16.38-150400.5.20.2
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/99089
http://www.securitytracker.com/id/1038693
https://kb.isc.org/docs/aa-01496
https://security.gentoo.org/glsa/201708-01
https://security.netapp.com/advisory/ntap-20180926-0001/
https://www.exploit-db.com/exploits/42121/
http://www.securityfocus.com/bid/99089
http://www.securitytracker.com/id/1038693
https://kb.isc.org/docs/aa-01496
https://security.gentoo.org/glsa/201708-01
https://security.netapp.com/advisory/ntap-20180926-0001/
https://www.exploit-db.com/exploits/42121/