Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-0591
HistoryJan 14, 2014 - 4:29 a.m.

CVE-2014-0591

2014-01-1404:29:56
CWE-119
[email protected]
web.nvd.nist.gov

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

8.3 High

AI Score

Confidence

High

0.637 Medium

EPSS

Percentile

97.9%

JSON

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

Affected configurations

NVD
Node
iscbindMatch9.6
OR
iscbindMatch9.6r5_p1
OR
iscbindMatch9.6r6_b1
OR
iscbindMatch9.6r6_rc1
OR
iscbindMatch9.6r6_rc2
OR
iscbindMatch9.6r7_p1
OR
iscbindMatch9.6r7_p2
OR
iscbindMatch9.6r9_p1
OR
iscbindMatch9.6.0
OR
iscbindMatch9.6.0p1
OR
iscbindMatch9.6.0rc1
OR
iscbindMatch9.6.0rc2
OR
iscbindMatch9.6.1
OR
iscbindMatch9.6.1p1
OR
iscbindMatch9.6.1p2
OR
iscbindMatch9.6.1p3
OR
iscbindMatch9.6.1rc1
OR
iscbindMatch9.6.2
OR
iscbindMatch9.6.2rc1
OR
iscbindMatch9.6.3
OR
iscbindMatch9.6.3rc1
OR
iscbindMatch9.7.0
OR
iscbindMatch9.7.0b1
OR
iscbindMatch9.7.0p1
OR
iscbindMatch9.7.0p2
OR
iscbindMatch9.7.0rc1
OR
iscbindMatch9.7.0rc2
OR
iscbindMatch9.7.1
OR
iscbindMatch9.7.1p1
OR
iscbindMatch9.7.1p2
OR
iscbindMatch9.7.1rc1
OR
iscbindMatch9.7.2
OR
iscbindMatch9.7.2p1
OR
iscbindMatch9.7.2p2
OR
iscbindMatch9.7.2p3
OR
iscbindMatch9.7.2rc1
OR
iscbindMatch9.7.3
OR
iscbindMatch9.7.3b1
OR
iscbindMatch9.7.3p1
OR
iscbindMatch9.7.3rc1
OR
iscbindMatch9.7.4
OR
iscbindMatch9.7.4b1
OR
iscbindMatch9.7.4p1
OR
iscbindMatch9.7.4rc1
OR
iscbindMatch9.7.5
OR
iscbindMatch9.7.5b1
OR
iscbindMatch9.7.5rc1
OR
iscbindMatch9.7.5rc2
OR
iscbindMatch9.7.6
OR
iscbindMatch9.7.6p1
OR
iscbindMatch9.7.6p2
OR
iscbindMatch9.7.7
OR
iscbindMatch9.8.0
OR
iscbindMatch9.8.0a1
OR
iscbindMatch9.8.0b1
OR
iscbindMatch9.8.0p1
OR
iscbindMatch9.8.0p2
OR
iscbindMatch9.8.0p4
OR
iscbindMatch9.8.0rc1
OR
iscbindMatch9.8.1
OR
iscbindMatch9.8.1b1
OR
iscbindMatch9.8.1b2
OR
iscbindMatch9.8.1b3
OR
iscbindMatch9.8.1p1
OR
iscbindMatch9.8.1rc1
OR
iscbindMatch9.8.2b1
OR
iscbindMatch9.8.2rc1
OR
iscbindMatch9.8.2rc2
OR
iscbindMatch9.8.3
OR
iscbindMatch9.8.3p1
OR
iscbindMatch9.8.3p2
OR
iscbindMatch9.8.4
OR
iscbindMatch9.8.5
OR
iscbindMatch9.8.5b1
OR
iscbindMatch9.8.5b2
OR
iscbindMatch9.8.5p1
OR
iscbindMatch9.8.5p2
OR
iscbindMatch9.8.5rc1
OR
iscbindMatch9.8.5rc2
OR
iscbindMatch9.8.6
OR
iscbindMatch9.8.6b1
OR
iscbindMatch9.8.6p1
OR
iscbindMatch9.8.6rc1
OR
iscbindMatch9.8.6rc2
OR
iscbindMatch9.9.4
OR
iscbindMatch9.9.4p1
OR
iscbindMatch9.9.4rc1
OR
iscbindMatch9.9.4rc2

References

Related

freebsd 1
nessus 30
openvas 30
centos 2
ubuntu 1
fedora 5
cvelist 1
veracode 1
debiancve 1
f5 2
amazon 1
checkpoint_advisories 2
prion 1
debian 3
redhat 2
cve 1
slackware 2
ubuntucve 1
mageia 1
securityvulns 4
osv 2
seebug 1
freebsd_advisory 1
suse 1
oraclelinux 2
gentoo 1
freebsd
freebsd
bind -- denial of service vulnerability
2014-01-08 00:00:00
nessus
nessus
ISC BIND 9 NSEC3-Signed Zone Handling DoS
2014-01-14 00:00:00
SuSE 11.2 / 11.3 Security Update : bind (SAT Patch Numbers 8834 / 8835)
2014-02-01 00:00:00
CentOS 6 : bind (CESA-2014:0043)
2014-01-21 00:00:00
openvas
openvas
Fedora Update for bind FEDORA-2014-0811
2014-02-03 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-287)
2015-09-08 00:00:00
Fedora Update for bind FEDORA-2014-0811
2014-02-03 00:00:00
centos
centos
bind security update
2014-01-20 17:58:43
bind97 security update
2014-09-30 11:21:28
ubuntu
ubuntu
Bind vulnerability
2014-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: bind-9.9.4-11.P2.fc20
2014-01-18 04:24:44
[SECURITY] Fedora 19 Update: bind-9.9.3-14.P2.fc19
2014-01-18 04:21:45
[SECURITY] Fedora 20 Update: bind-9.9.4-17.P2.fc20
2014-12-18 06:10:51
cvelist
cvelist
CVE-2014-0591
2014-01-14 02:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:55:26
debiancve
debiancve
CVE-2014-0591
2014-01-14 04:29:56
f5
f5
K15133 : BIND vulnerability CVE-2014-0591
2014-04-03 00:00:00
SOL15133 - BIND vulnerability CVE-2014-0591
2014-04-03 00:00:00
amazon
amazon
Medium: bind
2014-02-03 15:28:00
checkpoint_advisories
checkpoint_advisories
ISC BIND NSEC3-Signed Zones Queries Processing Denial of Service - Ver2 (CVE-2014-0591)
2015-05-18 00:00:00
ISC BIND NSEC3-Signed Zones Queries Processing Denial of Service (CVE-2014-0591)
2014-02-25 00:00:00
prion
prion
Design/Logic Flaw
2014-01-14 04:29:00
debian
debian
[SECURITY] [DLA 48-1] bind9 security update
2014-09-05 19:30:04
[SECURITY] [DSA 3023-1] bind9 security update
2014-09-11 20:39:20
[SECURITY] [DSA 3023-1] bind9 security update
2014-09-11 20:39:20
redhat
redhat
(RHSA-2014:1244) Moderate: bind97 security and bug fix update
2014-09-16 00:00:00
(RHSA-2014:0043) Moderate: bind security update
2014-01-20 00:00:00
cve
cve
CVE-2014-0591
2014-01-14 04:29:56
slackware
slackware
bind
2014-01-28 14:58:17
[slackware-security] bind
2014-06-24 23:46:33
ubuntucve
ubuntucve
CVE-2014-0591
2014-01-13 00:00:00
mageia
mageia
Updated bind package fixes security vulnerability
2014-01-17 04:39:03
securityvulns
securityvulns
ISC bind DoS
2014-01-14 00:00:00
[USN-2081-1] Bind vulnerability
2014-01-14 00:00:00
APPLE-SA-2014-10-16-3 OS X Server v4.0
2014-10-18 00:00:00
osv
osv
bind9 - security update
2014-09-11 00:00:00
bind9 - security update
2014-09-05 00:00:00
seebug
seebug
ISC BIND NSEC3签名域ζŸ₯θ―’ε€„η†ζ‹’η»ζœεŠ‘ζΌζ΄ž
2014-01-16 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:04.bind
2014-01-14 00:00:00
suse
suse
Security update for bind (important)
2015-03-11 20:04:56
oraclelinux
oraclelinux
bind97 security and bug fix update
2014-09-17 00:00:00
bind security update
2014-01-20 00:00:00
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

8.3 High

AI Score

Confidence

High

0.637 Medium

EPSS

Percentile

97.9%

JSON
Related for NVD:CVE-2014-0591
freebsd1nessus30openvas30centos2ubuntu1fedora5cvelist1veracode1debiancve1f52amazon1checkpoint_advisories2prion1debian3redhat2cve1slackware2ubuntucve1mageia1securityvulns4osv2seebug1freebsd_advisory1suse1oraclelinux2gentoo1