Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-0696
HistoryJul 29, 2009 - 5:30 p.m.

CVE-2009-0696

2009-07-2917:30:00
CWE-16
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.965 High

EPSS

Percentile

99.6%

JSON

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.

Affected configurations

NVD
Node
iscbindMatch9.4
OR
iscbindMatch9.4.0
OR
iscbindMatch9.4.0a1
OR
iscbindMatch9.4.0a2
OR
iscbindMatch9.4.0a3
OR
iscbindMatch9.4.0a4
OR
iscbindMatch9.4.0a5
OR
iscbindMatch9.4.0a6
OR
iscbindMatch9.4.0b1
OR
iscbindMatch9.4.0b2
OR
iscbindMatch9.4.0b3
OR
iscbindMatch9.4.0b4
OR
iscbindMatch9.4.0rc1
OR
iscbindMatch9.4.0rc2
OR
iscbindMatch9.4.1
OR
iscbindMatch9.4.2
OR
iscbindMatch9.4.2rc1
OR
iscbindMatch9.4.2rc2
OR
iscbindMatch9.4.3
OR
iscbindMatch9.4.3b1
OR
iscbindMatch9.4.3b2
OR
iscbindMatch9.4.3b3
OR
iscbindMatch9.4.3p2
OR
iscbindMatch9.5
OR
iscbindMatch9.5.0
OR
iscbindMatch9.5.0a1
OR
iscbindMatch9.5.0a2
OR
iscbindMatch9.5.0a3
OR
iscbindMatch9.5.0a4
OR
iscbindMatch9.5.0a5
OR
iscbindMatch9.5.0a6
OR
iscbindMatch9.5.0a7
OR
iscbindMatch9.5.0b1
OR
iscbindMatch9.5.0b2
OR
iscbindMatch9.5.0b3
OR
iscbindMatch9.5.0p1
OR
iscbindMatch9.5.0p2
OR
iscbindMatch9.5.0p2_w1
OR
iscbindMatch9.5.0p2_w2
OR
iscbindMatch9.6esv
OR
iscbindMatch9.6r1esv
OR
iscbindMatch9.6r2esv
OR
iscbindMatch9.6r3esv
OR
iscbindMatch9.6r4esv
OR
iscbindMatch9.6r4_p1esv
OR
iscbindMatch9.6r5esv
OR
iscbindMatch9.6r5_b1esv
OR
iscbindMatch9.6r5_p1esv
OR
iscbindMatch9.6r6esv
OR
iscbindMatch9.6r6_b1esv
OR
iscbindMatch9.6r6_rc1esv
OR
iscbindMatch9.6r6_rc2esv
OR
iscbindMatch9.6r7esv
OR
iscbindMatch9.6r7_p1esv
OR
iscbindMatch9.6r7_p2esv
OR
iscbindMatch9.6r9esv
OR
iscbindMatch9.6r9_p1esv
OR
iscbindMatch9.6.0
OR
iscbindMatch9.6.0a1
OR
iscbindMatch9.6.0b1
OR
iscbindMatch9.6.0p1
OR
iscbindMatch9.6.0rc1
OR
iscbindMatch9.6.0rc2
OR
iscbindMatch9.6.1
OR
iscbindMatch9.6.1b1

References

Related

redhat 3
nessus 89
gentoo 1
openvas 60
ubuntu 1
securityvulns 6
altlinux 5
f5 2
freebsd 1
centos 3
seebug 1
debian 1
veracode 1
osv 1
cvelist 1
oraclelinux 3
cert 1
prion 1
fedora 4
cve 1
suse 1
slackware 1
freebsd_advisory 1
ubuntucve 1
checkpoint_security 1
checkpoint_advisories 1
debiancve 1
vmware 2
redhat
redhat
(RHSA-2009:1180) Important: bind security and bug fix update
2009-07-29 00:00:00
(RHSA-2009:1179) Important: bind security update
2009-07-29 00:00:00
(RHSA-2009:1181) Important: bind security and bug fix update
2009-07-29 00:00:00
nessus
nessus
Scientific Linux Security Update : bind security for SL 4.x on i386/x86_64
2012-08-01 00:00:00
AIX 6.1 TL 2 : bind (IZ56317)
2013-01-24 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : bind9 vulnerability (USN-808-1)
2009-07-29 00:00:00
gentoo
gentoo
BIND: Denial of service
2009-08-01 00:00:00
openvas
openvas
Slackware Advisory SSA:2009-210-01 bind
2012-09-11 00:00:00
SuSE Security Advisory SUSE-SA:2009:040 (bind)
2009-08-17 00:00:00
Debian Security Advisory DSA 1847-1 (bind9)
2009-08-17 00:00:00
ubuntu
ubuntu
Bind vulnerability
2009-07-29 00:00:00
securityvulns
securityvulns
ISC bind named DNS server DoS
2009-07-30 00:00:00
[security bulletin] HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS)
2010-07-18 00:00:00
BIND Dynamic Update DoS
2009-07-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 5 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 8 package bind version 9.3.6-alt5
2009-07-28 00:00:00
f5
f5
K10366 : BIND vulnerability - CVE-2009-0696
2013-06-28 00:00:00
SOL10366 - BIND vulnerability - CVE-2009-0696
2009-07-28 00:00:00
freebsd
freebsd
BIND -- Dynamic update message remote DoS
2009-07-28 00:00:00
centos
centos
bind, caching security update
2009-07-29 19:12:50
bind security update
2009-07-30 19:55:19
bind security update
2009-07-29 20:55:11
seebug
seebug
ISC BIND 9θΏœη¨‹εŠ¨ζ€ζ›΄ζ–°ζΆˆζ―ζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-07-29 00:00:00
debian
debian
[SECURITY] [DSA 1847-1] New bind9 packages fix denial of service
2009-07-29 07:21:21
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:33:36
osv
osv
bind9 - denial of service
2009-07-29 00:00:00
cvelist
cvelist
CVE-2009-0696
2009-07-29 17:00:00
oraclelinux
oraclelinux
bind security and bug fix update
2009-07-29 00:00:00
bind security update
2009-07-29 00:00:00
bind security and bug fix update
2009-07-29 00:00:00
cert
cert
ISC BIND 9 vulnerable to denial of service via dynamic update request
2009-07-28 00:00:00
prion
prion
Design/Logic Flaw
2009-07-29 17:30:00
fedora
fedora
[SECURITY] Fedora 11 Update: bind-9.6.1-4.P1.fc11
2009-07-30 03:55:31
[SECURITY] Fedora 10 Update: bind-9.5.1-3.P3.fc10
2009-07-30 03:55:44
[SECURITY] Fedora 11 Update: bind-9.6.1-7.P2.fc11
2009-11-27 21:40:17
cve
cve
CVE-2009-0696
2009-07-29 17:30:00
suse
suse
remote denial of service in bind
2009-07-30 16:51:35
slackware
slackware
bind
2009-07-29 22:52:55
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:12.bind
2009-07-29 00:00:00
ubuntucve
ubuntucve
CVE-2009-0696
2009-07-29 00:00:00
checkpoint_security
checkpoint_security
Check Point response to ISC BIND 9 DoS vulnerability (CVE-2009-0696)
2009-08-08 21:00:00
checkpoint_advisories
checkpoint_advisories
BIND 9 DNS Server Dynamic Update Denial of Service (CVE-2009-0696)
2009-08-02 00:00:00
debiancve
debiancve
CVE-2009-0696
2009-07-29 17:30:00
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.965 High

EPSS

Percentile

99.6%

JSON
Related for NVD:CVE-2009-0696
redhat3nessus89gentoo1openvas60ubuntu1securityvulns6altlinux5f52freebsd1centos3seebug1debian1veracode1osv1cvelist1oraclelinux3cert1prion1fedora4cve1suse1slackware1freebsd_advisory1ubuntucve1checkpoint_security1checkpoint_advisories1debiancve1vmware2