Lucene search

K

Veracode Vulnerability DatabaseVERACODE:11132

HistoryJan 15, 2019 - 8:57 a.m.

Denial Of Service

2019-01-1508:57:26

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

BIND is susceptible to denial of service. The vulnerability is possible because it does not properly handle resource records with a large RDATA value, allowing the attacker to create malicious DNS resource records causing recursive resolver or secondary server to exit unexpectedly with an assertion failure.

CPENameOperatorVersion
bind97eq9.7.0__6.P2.el5_6.2
bind97eq9.7.0__6.P2.el5_7.4
bind97eq9.7.0__6.P2.el5
bind97eq9.7.0__6.P2.el5_6.1
bind97eq9.7.0__6.P2.el5_6.3
bindeq9.3.3__7.el5
bindeq9.2.4__37.el4
bindeq9.3.4__6.0.3.P1.el5_2
bindeq9.3.6__4.P1.el5_5.3
bindeq9.3.6__16.P1.el5_7.1

Rows per page:

1-10 of 681

References

lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

lists.fedoraproject.org/pipermail/package-announce/2012-September/087697.html

lists.fedoraproject.org/pipermail/package-announce/2012-September/087703.html

lists.fedoraproject.org/pipermail/package-announce/2012-September/088381.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00021.html

lists.opensuse.org/opensuse-security-announce/2012-09/msg00022.html

lists.opensuse.org/opensuse-security-announce/2012-10/msg00007.html

marc.info/?l=bugtraq&m=141879471518471&w=2

rhn.redhat.com/errata/RHSA-2012-1266.html

rhn.redhat.com/errata/RHSA-2012-1267.html

rhn.redhat.com/errata/RHSA-2012-1268.html

rhn.redhat.com/errata/RHSA-2012-1365.html

secunia.com/advisories/50560

secunia.com/advisories/50579

secunia.com/advisories/50582

secunia.com/advisories/50645

secunia.com/advisories/50673

secunia.com/advisories/51096

support.apple.com/kb/HT5880

www.debian.org/security/2012/dsa-2547

www.isc.org/software/bind/advisories/cve-2012-4244

www.mandriva.com/security/advisories?name=MDVSA-2012:152

www.securityfocus.com/bid/55522

www.ubuntu.com/usn/USN-1566-1

access.redhat.com/security/updates/classification/#important

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

kb.isc.org/article/AA-00778

rhn.redhat.com/errata/RHSA-2012-1266.html

security.netapp.com/advisory/ntap-20221209-0008/

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C