Lucene search

[email protected]CVE-2007-0493

HistoryJan 25, 2007 - 8:28 p.m.

CVE-2007-0493

2007-01-2520:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-0493

isc

bind

vulnerability

denial of service

remote attack

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.223 Low

EPSS

Percentile

96.5%

JSON

Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to “dereference a freed fetch context.”

CPENameOperatorVersion
isc:bindisc bindeq9.3.2
isc:bindisc bindeq9.3.0
isc:bindisc bindeq9.5.0
isc:bindisc bindeq9.3.1
isc:bindisc bindeq9.4.0

CPE	Name	Operator	Version
isc:bind	isc bind	eq	9.3.2
isc:bind	isc bind	eq	9.3.0
isc:bind	isc bind	eq	9.5.0
isc:bind	isc bind	eq	9.3.1
isc:bind	isc bind	eq	9.4.0

References

docs.info.apple.com/article.html?artnum=305530

fedoranews.org/cms/node/2507

fedoranews.org/cms/node/2537

ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495

lists.apple.com/archives/security-announce/2007/May/msg00004.html

lists.grok.org.uk/pipermail/full-disclosure/2007-January/052018.html

lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html

marc.info/?l=bind-announce&m=116968519321296&w=2

secunia.com/advisories/23904

secunia.com/advisories/23924

secunia.com/advisories/23943

secunia.com/advisories/23972

secunia.com/advisories/23974

secunia.com/advisories/23977

secunia.com/advisories/24014

secunia.com/advisories/24048

secunia.com/advisories/24054

secunia.com/advisories/24129

secunia.com/advisories/24203

secunia.com/advisories/24930

secunia.com/advisories/24950

secunia.com/advisories/25402

secunia.com/advisories/25649

security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc

security.gentoo.org/glsa/glsa-200702-06.xml

securitytracker.com/id?1017561

slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157

www.isc.org/index.pl?/sw/bind/bind-security.php

www.isc.org/index.pl?/sw/bind/view/?release=9.2.8

www.isc.org/index.pl?/sw/bind/view/?release=9.3.4

www.mandriva.com/security/advisories?name=MDKSA-2007:030

www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html

www.redhat.com/support/errata/RHSA-2007-0057.html

www.securityfocus.com/archive/1/458066/100/0/threaded

www.securityfocus.com/bid/22229

www.trustix.org/errata/2007/0005

www.ubuntu.com/usn/usn-418-1

www.vupen.com/english/advisories/2007/0349

www.vupen.com/english/advisories/2007/1401

www.vupen.com/english/advisories/2007/1939

www.vupen.com/english/advisories/2007/2163

www.vupen.com/english/advisories/2007/2315

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

issues.rpath.com/browse/RPL-989

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9614

www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.223 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2007-0493

prion1 debiancve1 veracode1 ubuntucve1 cvelist1 openvas19 nessus13 securityvulns2 freebsd1 slackware1 gentoo1 redhat1 suse1 oraclelinux1 ubuntu1 freebsd_advisory1 seebug1