Lucene search
AmazonALAS-2013-176HistoryApr 04, 2013 - 11:09 a.m.
Important: bind
2013-04-0411:09:00
alas.aws.amazon.com
13
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.943 High
EPSS
Percentile
99.2%
Issue Overview:
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. (CVE-2013-2266)
Affected Packages:
bind
Issue Correction:
Run yum update bind to update your system.
New Packages:
i686:
bind-devel-9.8.2-0.17.rc1.29.amzn1.i686
bind-9.8.2-0.17.rc1.29.amzn1.i686
bind-sdb-9.8.2-0.17.rc1.29.amzn1.i686
bind-utils-9.8.2-0.17.rc1.29.amzn1.i686
bind-libs-9.8.2-0.17.rc1.29.amzn1.i686
bind-chroot-9.8.2-0.17.rc1.29.amzn1.i686
bind-debuginfo-9.8.2-0.17.rc1.29.amzn1.i686
src:
bind-9.8.2-0.17.rc1.29.amzn1.src
x86_64:
bind-debuginfo-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-utils-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-sdb-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-libs-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-chroot-9.8.2-0.17.rc1.29.amzn1.x86_64
bind-devel-9.8.2-0.17.rc1.29.amzn1.x86_64
Additional References
Red Hat: CVE-2013-2266
Mitre: CVE-2013-2266
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | bind-devel | < 9.8.2-0.17.rc1.29.amzn1 | bind-devel-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind | < 9.8.2-0.17.rc1.29.amzn1 | bind-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-sdb | < 9.8.2-0.17.rc1.29.amzn1 | bind-sdb-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-utils | < 9.8.2-0.17.rc1.29.amzn1 | bind-utils-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-libs | < 9.8.2-0.17.rc1.29.amzn1 | bind-libs-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-chroot | < 9.8.2-0.17.rc1.29.amzn1 | bind-chroot-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | bind-debuginfo | < 9.8.2-0.17.rc1.29.amzn1 | bind-debuginfo-9.8.2-0.17.rc1.29.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | bind-debuginfo | < 9.8.2-0.17.rc1.29.amzn1 | bind-debuginfo-9.8.2-0.17.rc1.29.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind-utils | < 9.8.2-0.17.rc1.29.amzn1 | bind-utils-9.8.2-0.17.rc1.29.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | bind | < 9.8.2-0.17.rc1.29.amzn1 | bind-9.8.2-0.17.rc1.29.amzn1.x86_64.rpm |
Related
nessus
nessus
SuSE 11.2 Security Update : dhcp (SAT Patch Number 7571)
2013-04-18 00:00:00
openSUSE Security Update : dhcp (openSUSE-SU-2013:0619-1)
2014-06-13 00:00:00
Oracle Linux 5 : bind97 (ELSA-2013-0690)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: bind-9.9.2-10.P2.fc18
2013-04-05 23:08:28
[SECURITY] Fedora 17 Update: bind-9.9.2-7.P2.fc17
2013-04-07 00:25:01
[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18
2013-08-04 00:13:45
openvas
openvas
Ubuntu Update for bind9 USN-1783-1
2013-04-02 00:00:00
Debian Security Advisory DSA 2656-1 (bind9 - denial of service)
2013-03-30 00:00:00
Ubuntu: Security Advisory (USN-1783-1)
2013-04-02 00:00:00
redhat
redhat
(RHSA-2013:0690) Important: bind97 security update
2013-03-28 00:00:00
(RHSA-2013:0689) Important: bind security and bug fix update
2013-03-28 00:00:00
(RHSA-2013:0746) Important: rhev-hypervisor6 security and bug fix update
2013-04-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:10
prion
prion
Code injection
2013-03-28 16:55:00
Design/Logic Flaw
2013-03-28 16:55:00
oraclelinux
oraclelinux
bind security and bug fix update
2013-03-28 00:00:00
bind97 security update
2013-03-28 00:00:00
bind97 security and bug fix update
2014-09-17 00:00:00
freebsd
freebsd
dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion
2013-03-11 00:00:00
FreeBSD -- BIND remote denial of service
2013-04-02 00:00:00
f5
f5
SOL14386 - BIND vulnerability CVE-2013-2266
2013-05-01 00:00:00
K14386 : BIND vulnerability CVE-2013-2266
2014-08-26 00:00:00
securityvulns
securityvulns
[USN-1783-1] Bind vulnerability
2013-04-01 00:00:00
bind / dhcp DoS
2013-04-01 00:00:00
[slackware-security] dhcp (SSA:2013-086-02)
2013-04-01 00:00:00
seebug
seebug
ISC BIND 9 'libdns' 远程拒绝服务漏洞(CVE-2013-2266)
2013-03-29 00:00:00
debiancve
debiancve
CVE-2013-2266
2013-03-28 16:55:00
CVE-2013-2494
2013-03-28 16:55:00
ubuntucve
ubuntucve
CVE-2013-2266
2013-03-26 00:00:00
CVE-2013-2494
2013-03-28 00:00:00
ubuntu
ubuntu
Bind vulnerability
2013-03-29 00:00:00
checkpoint_advisories
checkpoint_advisories
ISC BIND Regular Expression Handling Denial of Service (CVE-2013-2266)
2013-06-30 00:00:00
debian
debian
[SECURITY] [DSA 2656-1] bind9 security update
2013-03-30 15:42:49
cve
cve
CVE-2013-2266
2013-03-28 16:55:00
CVE-2013-2494
2013-03-28 16:55:00
centos
centos
bind97 security update
2013-03-28 23:25:41
bind security update
2013-03-29 00:19:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:04.bind
2013-04-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1822
2021-07-02 16:37:55
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.943 High
EPSS
Percentile
99.2%
Related for ALAS-2013-176