PRIOn knowledge basePRION:CVE-2012-1667Memory corruption
7 High
AI Score
Confidence
Low
8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:N/A:C
0.904 High
EPSS
Percentile
98.7%
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
References
lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
lists.opensuse.org/opensuse-security-announce/2012-06/msg00005.html
lists.opensuse.org/opensuse-security-announce/2012-06/msg00010.html
rhn.redhat.com/errata/RHSA-2012-0717.html
rhn.redhat.com/errata/RHSA-2012-1110.html
secunia.com/advisories/51096
support.apple.com/kb/HT5501
www.debian.org/security/2012/dsa-2486
www.isc.org/software/bind/advisories/cve-2012-1667
www.kb.cert.org/vuls/id/381699
www.mandriva.com/security/advisories?name=MDVSA-2012:089
www.securityfocus.com/bid/53772
www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004
h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
kb.isc.org/article/AA-00698
marc.info/?l=bugtraq&m=134132772016230&w=2
Related
7 High
AI Score
Confidence
Low
8.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:P/I:N/A:C
0.904 High
EPSS
Percentile
98.7%