Lucene search

K

PRIOn knowledge basePRION:CVE-2012-1033

HistoryFeb 08, 2012 - 8:55 p.m.

Code injection

2012-02-0820:55:00

PRIOn knowledge base

www.prio-n.com

10

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.3%

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a “ghost domain names” attack.

CPENameOperatorVersion
bindeq9.8.1 b2
bindeq9.1.1
bindeq9.1.3
bindeq9.7.0 rc2
bindeq9.7.2 rc1
bindeq9.7.0 b1
bindeq9.7.0 rc1
bindeq9.7.0 p2
bindeq9.7.4 b1
bindeq9.2

Rows per page:

1-10 of 721

References

osvdb.org/78916

rhn.redhat.com/errata/RHSA-2012-0717.html

secunia.com/advisories/47884

www.kb.cert.org/vuls/id/542123

www.securityfocus.com/bid/51898

www.securitytracker.com/id?1026647

exchange.xforce.ibmcloud.com/vulnerabilities/73053

hermes.opensuse.org/messages/15136456

hermes.opensuse.org/messages/15136477

marc.info/?l=bugtraq&m=135638082529878&w=2

www.isc.org/software/bind/advisories/cve-2012-1033

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.3%

Related for PRION:CVE-2012-1033

nessus22 f52 veracode1 ubuntucve1 cert1 seebug1 debiancve1 cve1 openvas22 redhat2 oraclelinux2 centos2 slackware1 amazon1 ubuntu1 gentoo1 vmware1