{"id":"CVE-2019-6465","details":"Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.5-P2, 9.12.0 -\u003e 9.12.3-P2, and versions 9.9.3-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.","modified":"2026-04-11T12:20:25.412416Z","published":"2019-10-09T16:15:16.483Z","related":["CGA-97mp-cvh3-3x83","SUSE-SU-2019:1407-1","SUSE-SU-2019:14074-1","SUSE-SU-2019:1449-1","SUSE-SU-2019:2502-1","openSUSE-SU-2019:1533-1","openSUSE-SU-2024:10650-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","cpe":"cpe:2.3:a:isc:bind:9.10.8:p1:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.10.8-p1"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:a:isc:bind:9.11.5:p2:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.11.5-p2"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*","extracted_events":[{"last_affected":"9.11.5-s3"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:a:isc:bind:9.12.3:p2:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.12.3-p2"}]}]},"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3552"},{"type":"ADVISORY","url":"https://kb.isc.org/docs/cve-2019-6465"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/isc-projects/bind9","events":[{"introduced":"0"},{"last_affected":"f8a0c0bed6ed629e314d22619510939c61d88b0e"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"8.0"}]}}],"versions":["ondrej/008bfb6249a5f81d9e02ad4d39fda63fab57a0ad","ondrej/00ce93a69cd809810b82dbb229abf59d8e5850cc","ondrej/067f87f158b633e18a9c6fd0b038d1dc288bcb74","ondrej/074c7cc12c0eda40441926a8a96631c3176824a9","ondrej/1a1413ff5910ace7919bb8db0a1bb1f6e9c9ff7d","ondrej/2438db2eae8baf084615aff3b210ea51cd2f1fe1","ondrej/4098157e6ce98910ff99c58c41c6cf8069b79cc7","ondrej/4281aaab4503116fcf50caa348e1b5e7d414b742","ondrej/42e84e4b97be23f2b3754844e9d4478f48e92b48","ondrej/46caf5f4a4522d42480aee4d5949ea9546f98c2f","ondrej/4d292fc37ff5e99462756352c6028af7d0becf74","ondrej/4f369af51ede0e5ac7b3a14c451c5a41350a61cc","ondrej/53738634c3b511bd78e6626df95ae140631b080c","ondrej/6d06e7e7e585e30b419e4e20815cb8233c48f7b1","ondrej/6d1fdb850516a8d1fbfa853c56a1ef7627d54a72","ondrej/761b47a64845cb647d4fa3362be538eb0e7174d9","ondrej/840e56a979c3719ded668d5aaa04b1bddce465ef","ondrej/9cd2880a82f627bc44ab65fdaa19c2bcd9e61c96","ondrej/a42afbce2e34a5f990517fee7eab013c4adb8c0a","ondrej/a5f554959ec531712f6e14a8cb8c90d87cc27932","ondrej/b177581bb230d89821d1e2e5e91f93bee3fc4192","ondrej/b6298b394e9eaefcfa2458cd56c345d778e99b8e","ondrej/be1e6499742e241d71c7e79434e278a0c89d141b","ondrej/c63b7fad498dbe56710b655bd296a58abba64bb8","ondrej/d7e5f7903de06e504aac4a3822a41d69e159e370","ondrej/e00b13ac6e5a49434fbe534b0cab86b9ee4fbdb5","ondrej/f8a0c0bed6ed629e314d22619510939c61d88b0e","ondrej/fb07c38697c9f4f76dcb921487c4f96813c99b69","v9.10.0a1","v9.10.0a2","v9.10.0b1","v9.10.0b2","v9.10.0rc1","v9.11.0a1","v9.11.0a2","v9.11.0a3","v9.12.0a1","v9.12.0b1","v9.12.0b2","v9.12.0rc1","v9.13.0","v9.13.2","v9.13.3","v9.13.4","v9.13.5","v9.13.6","v9.15.0","v9.15.2","v9.15.3","v9.15.4","v9.15.7","v9.15.8","v9.19.0","v9.5.0a1","v9.5.0a2","v9.5.0a3","v9.5.0a4","v9.5.0a5","v9.5.0a6","v9.7.0a1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-6465.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.isc.org/isc-projects/bind9","events":[{"introduced":"3514c49b2fbcdf95b2735878e2487fce9a3ddad5"},{"last_affected":"db65d701b999d10e555c13454bceb74df4494975"},{"introduced":"1477c19dd9a347ee19a42dac227f299a4680506f"},{"last_affected":"2fe4344de48d6061bef5a4000066a99a7c1296a6"},{"introduced":"71a40862c0be867999867cd99e21c2266a5e452b"},{"last_affected":"3631aeb0709b460afc66ca8bff609bf93ef24bec"},{"introduced":"29b3a7d84240a51099490c0f39ae537f4e0d6a7a"},{"last_affected":"acfbf1ae9438873ef2fccacd5b3692f1aab99939"},{"introduced":"0"},{"last_affected":"1c59cea1c0e26e2da3f2afb90200bfe9f7748c03"},{"last_affected":"12f71327ff796ed24752a4286fc0b3d9b21a4a57"},{"last_affected":"3b0b2047cea8d9e61d0c1eabe2d3c958997e8be4"},{"last_affected":"647dac6f96293b98d9d865d367feb74710cd9b46"},{"last_affected":"6c8e92c06d2d5b5904c925ca48564a93f1edba44"},{"last_affected":"cfdd35f26ac4509cec614284ce036e487a552504"}],"database_specific":{"source":"CPE_FIELD","cpe":["cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.10.8:-:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.5:-:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.11.5:p1:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.12.3:-:*:*:*:*:*:*","cpe:2.3:a:isc:bind:9.12.3:p1:*:*:*:*:*:*"],"extracted_events":[{"introduced":"9.9.0"},{"last_affected":"9.10.7"},{"introduced":"9.11.0"},{"last_affected":"9.11.4"},{"introduced":"9.12.0"},{"last_affected":"9.12.2"},{"introduced":"9.13.0"},{"last_affected":"9.13.6"},{"introduced":"0"},{"last_affected":"9.9.3-s1"},{"last_affected":"9.10.8-NA"},{"last_affected":"9.11.5-NA"},{"last_affected":"9.11.5-p1"},{"last_affected":"9.12.3-NA"},{"last_affected":"9.12.3-p1"}]}}],"versions":["v9.10.0a1","v9.10.0a2","v9.10.0b1","v9.10.0b2","v9.10.0rc1","v9.10.0rc2","v9.10.1","v9.10.1b1","v9.10.1b2","v9.10.1rc1","v9.10.1rc2","v9.10.2","v9.10.2b1","v9.10.2rc1","v9.10.2rc2","v9.10.3","v9.10.3b1","v9.10.3rc1","v9.10.4","v9.10.4b1","v9.10.4b2","v9.10.4b3","v9.10.4rc1","v9.10.5","v9.10.5b1","v9.10.5rc1","v9.10.5rc2","v9.10.5rc3","v9.10.6b1","v9.10.6rc1","v9.10.7","v9.10.7b1","v9.10.7rc1","v9.10.8","v9.10.8rc2","v9.11.0","v9.11.0a1","v9.11.0a2","v9.11.0a3","v9.11.1","v9.11.1b1","v9.11.1rc1","v9.11.1rc2","v9.11.1rc3","v9.11.2b1","v9.11.2rc1","v9.11.3b1","v9.11.3rc1","v9.11.4","v9.11.4rc2","v9.11.5","v9.11.5-P1","v9.11.5rc1","v9.12.0a1","v9.12.0b1","v9.12.0b2","v9.12.0rc1","v9.12.1b1","v9.12.1rc1","v9.12.2","v9.12.2rc2","v9.12.3","v9.12.3-P1","v9.12.3rc1","v9.13.0","v9.13.2","v9.13.3","v9.13.4","v9.13.5","v9.13.6","v9.5.0a1","v9.5.0a2","v9.5.0a3","v9.5.0a4","v9.5.0a5","v9.5.0a6","v9.7.0a1","v9.9.0","v9.9.1","v9.9.2b1","v9.9.2rc1","v9.9.3b1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-6465.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}