Lucene search

K
cve[email protected]CVE-2002-1219
HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1219

2004-09-0104:00:00
web.nvd.nist.gov
34
bind
buffer overflow
remote code execution
dns
security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.136 Low

EPSS

Percentile

95.6%

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

Affected configurations

NVD
Node
iscbindMatch4.9.5
OR
iscbindMatch4.9.6
OR
iscbindMatch4.9.7
OR
iscbindMatch4.9.8
OR
iscbindMatch4.9.9
OR
iscbindMatch4.9.10
OR
iscbindMatch8.2
OR
iscbindMatch8.2.1
OR
iscbindMatch8.2.2
OR
iscbindMatch8.2.3
OR
iscbindMatch8.2.4
OR
iscbindMatch8.2.5
OR
iscbindMatch8.2.6
OR
iscbindMatch8.3.0
OR
iscbindMatch8.3.1
OR
iscbindMatch8.3.2
OR
iscbindMatch8.3.3
Node
freebsdfreebsdMatch4.4
OR
freebsdfreebsdMatch4.5
OR
freebsdfreebsdMatch4.6
OR
freebsdfreebsdMatch4.7
OR
openbsdopenbsdMatch3.0
OR
openbsdopenbsdMatch3.1
OR
openbsdopenbsdMatch3.2

References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.136 Low

EPSS

Percentile

95.6%