Vulnerability CVE-2017-3141

Vulnerability Name:

CVE-2017-3141 (CCN-127241)

Assigned:

2016-12-02

Published:

2017-06-14

Updated:

2019-10-09

Summary:

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H)
6.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

5.9 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:M/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): Multiple_Instances
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-428

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2017-3141

Source: BID
Type: Third Party Advisory, VDB Entry
99089

Source: CCN
Type: BID-99089
ISC BIND CVE-2017-3141 Local Privilege Escalation Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1038693

Source: XF
Type: UNKNOWN
isc-bind-cve20173141-priv-esc(127241)

Source: CCN
Type: ISC Security Advisory AA-01496
CVE-2017-3141: Windows service and uninstall paths are not quoted when BIND is installed

Source: CONFIRM
Type: Vendor Advisory
https://kb.isc.org/docs/aa-01496

Source: GENTOO
Type: Third Party Advisory
GLSA-201708-01

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20180926-0001/

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [06-05-2017]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
42121

Vulnerable Configuration:

Configuration 1:

cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.2.6 and <= 9.2.9)

OR cpe:/a:isc:bind:9.2.6:p2:*:*:-:*:*:*

OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.3.2 and <= 9.3.6)

OR cpe:/a:isc:bind:9.3.2:p1:*:*:-:*:*:*

OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.4.0 and <= 9.8.8)

OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.9.0 and <= 9.9.10)

OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.10.0 and <= 9.10.5)

OR cpe:/a:isc:bind:*:*:*:*:*:*:*:* (Version >= 9.11.0 and <= 9.11.1)

Configuration CCN 1:

cpe:/a:isc:bind:9.2:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:9.3:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:9.4:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:9.8.0:*:*:*:-:*:*:*

OR cpe:/a:isc:bind:9.10.0:*:*:*:*:*:*:*

OR cpe:/a:isc:bind:9.11.0:*:*:*:*:*:*:*

OR cpe:/a:isc:bind:9.9.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20173141	V	CVE-2017-3141	2023-06-22
oval:org.opensuse.security:def:7449	P	bind-devel-9.16.6-150300.22.27.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7450	P	bind-utils-9.16.38-150400.5.20.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:616	P	Security update for jasper (Moderate) (in QA)	2022-09-19
oval:org.opensuse.security:def:3469	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2876	P	bind-devel-9.16.6-150300.22.16.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94507	P	bind-utils-9.16.20-150400.3.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2877	P	bind-utils-9.16.20-150400.3.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95099	P	bind-9.16.20-150400.3.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94506	P	bind-devel-9.16.6-150300.22.16.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:41	P	dbus-1-1.12.2-8.3.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:319	P	tboot-20170711_1.9.8-15.9.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:16	P	bind-devel-9.16.6-20.39 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:977	P	Security update for lapack (Moderate)	2022-03-21
oval:org.opensuse.security:def:112004	P	bind-9.16.20-1.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:945	P	Security update for net-snmp (Important)	2022-01-11
oval:org.opensuse.security:def:1499	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:64619	P	Security update for bind (Important)	2021-11-23
oval:org.opensuse.security:def:70806	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:94198	P	(Moderate)	2021-11-16
oval:org.opensuse.security:def:1553	P	Security update for the Linux Kernel (Important)	2021-11-09
oval:org.opensuse.security:def:105563	P	bind-9.16.20-1.4 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:2109	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71293	P	libpainter0-0.9.6-2.17 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71149	P	bind-devel-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89563	P	bind-devel-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71406	P	tboot-20170711_1.9.8-8.32 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61408	P	bind-devel-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103218	P	bind-devel-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96528	P	bind-devel-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63198	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:90033	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103688	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96998	P	bind-9.11.2-12.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:68053	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important)	2021-09-16
oval:org.opensuse.security:def:1031	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:69708	P	Security update for go1.15 (Moderate)	2021-08-20
oval:org.opensuse.security:def:67566	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:46976	P	java-1_8_0-openjdk-1.8.0.101-14.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47499	P	sblim-sfcb-1.4.8-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48253	P	p7zip-9.20.1-7.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47115	P	p7zip-9.20.1-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47169	P	unixODBC-2.3.4-6.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47513	P	tar-1.27.1-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47552	P	apache-commons-httpclient-3.1-4.364 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47263	P	ghostscript-9.15-22.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47301	P	krb5-1.12.5-39.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47634	P	gstreamer-plugins-base-1.8.3-12.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47553	P	apache2-2.4.23-29.24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47477	P	python-2.7.13-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47393	P	libpng12-0-1.2.50-19.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47827	P	memcached-1.4.39-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47567	P	binutils-2.31-9.26.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47561	P	autofs-5.0.9-28.3.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47541	P	yast2-users-3.2.11-1.47 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47959	P	automake-1.13.4-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47688	P	libXvnc1-1.6.0-18.23.72 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47719	P	libicu-doc-52.1-8.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47623	P	gnome-keyring-3.20.0-28.3.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47755	P	libopenssl1_1-1.1.1-1.9 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48051	P	java-1_7_0-openjdk-1.7.0.231-43.27.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47881	P	rtkit-0.11_git201205151338-8.14 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47790	P	libssh2-1-1.4.3-19.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47966	P	bubblewrap-0.3.3-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47839	P	p7zip-9.20.1-7.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48199	P	libsrtp1-1.5.2-3.2.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48013	P	gd-2.1.0-24.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46891	P	apache2-mod_jk-1.2.40-5.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47997	P	dstat-0.7.3-1.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47901	P	tar-1.27.1-15.3.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47498	P	sane-backends-1.0.24-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48105	P	libdmx1-1.1.3-3.51 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47023	P	libgoa-1_0-0-3.20.4-7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48068	P	libQt5WebKit5-5.6.2-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:2231	P	bind-9.16.6-20.39 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63320	P	bind-9.16.6-20.39 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100911	P	libgstphotography-1_0-0-1.16.2-7.22 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100792	P	bind-devel-9.16.6-20.39 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71775	P	bind-devel-9.16.6-20.39 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62034	P	bind-devel-9.16.6-20.39 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:66867	P	Security update for crmsh (Moderate)	2021-07-21
oval:org.opensuse.security:def:1611	P	Security update for qemu (Important)	2021-06-10
oval:org.opensuse.security:def:48624	P	squid-3.5.21-23.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70919	P	groff-1.22.3-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61130	P	bind-devel-9.11.2-10.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48497	P	libgoa-1_0-0-3.20.4-7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48428	P	glib2-lang-2.48.2-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48655	P	xorg-x11-server-7.6_1.18.3-57.34 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48482	P	libarchive13-3.1.2-22.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48559	P	libthai-data-0.1.25-4.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48467	P	libXfont1-1.5.1-10.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48726	P	icu-52.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48678	P	kernel-default-extra-3.12.28-4.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48551	P	libspice-client-glib-2_0-8-0.31-7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46562	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48706	P	telepathy-gabble-0.18.1-3.268 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48709	P	ImageMagick-6.8.8.1-8.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48760	P	typelib-1_0-EvinceDocument-3_0-3.10.3-1.213 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48613	P	radvd-1.9.7-2.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46563	P	python-libxml2-2.9.1-6.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48780	P	java-1_7_0-openjdk-plugin-1.6.1-2.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46577	P	squidGuard-1.4-23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46840	P	ruby-2.1-1.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46698	P	libXRes1-1.0.7-3.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46841	P	sblim-sfcb-1.4.8-8.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:64706	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:46855	P	tar-1.27.1-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70871	P	bind-devel-9.11.2-10.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48413	P	evince-3.20.1-5.66 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70223	P	Security update for nginx (Important)	2021-05-27
oval:org.opensuse.security:def:66775	P	Security update for dtc (Low)	2021-05-13
oval:org.opensuse.security:def:100385	P	(Important)	2021-03-24
oval:org.opensuse.security:def:69603	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:117135	P	bind-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63144	P	bind-9.11.2-10.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107577	P	bind-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2167	P	bind-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71446	P	bind-devel-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61705	P	bind-devel-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49003	P	libFLAC++6-32bit-1.3.0-11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49057	P	telepathy-gabble-0.18.3-5.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63256	P	bind-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2055	P	bind-9.11.2-10.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116609	P	bind-devel-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:93672	P	bind-devel-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107051	P	bind-devel-9.11.2-12.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:66352	P	bind-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67953	P	python3-bottle on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49940	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50052	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66260	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:72925	P	Security update for resource-agents (Important)	2020-12-01
oval:org.opensuse.security:def:49998	P	dovecot23 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64219	P	bind-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73043	P	bind-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73440	P	libnma-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70118	P	libsrtp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64132	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:73558	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67466	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:49886	P	java-10-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49994	P	bind on GA media (Moderate)	2020-12-01
oval:com.ubuntu.trusty:def:20173141000	V	CVE-2017-3141 on Ubuntu 14.04 LTS (trusty) - medium.	2019-01-16
oval:com.ubuntu.xenial:def:20173141000	V	CVE-2017-3141 on Ubuntu 16.04 LTS (xenial) - medium.	2019-01-16
oval:com.ubuntu.xenial:def:201731410000000	V	CVE-2017-3141 on Ubuntu 16.04 LTS (xenial) - medium.	2019-01-16

BACK