Lucene search

K
freebsdFreeBSD2892A8E2-3D68-11E2-8E01-0800273FE665
HistoryNov 27, 2012 - 12:00 a.m.

dns/bind9* -- servers using DNS64 can be crashed by a crafted query

2012-11-2700:00:00
vuxml.freebsd.org
6

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.035 Low

EPSS

Percentile

91.3%

ISC reports:

BIND 9 nameservers using the DNS64 IPv6 transition mechanism are
vulnerable to a software defect that allows a crafted query to
crash the server with a REQUIRE assertion failure. Remote
exploitation of this defect can be achieved without extensive
effort, resulting in a denial-of-service (DoS) vector against
affected servers.

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.035 Low

EPSS

Percentile

91.3%

Related for 2892A8E2-3D68-11E2-8E01-0800273FE665