Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0009

6 documents5 sources
Severity
10.0CRITICAL
EPSS
80.3%
top 0.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
13
Bsdi BSD OSCaldera OpenlinuxData General DG UX+10 more
Timeline
PublishedApr 8
Latest updateMay 3

Description

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages12 packages

NVDisc/bind4.9.6, 8.1, 8.1.1+2
NVDibm/aix9 versions+8
NVDsgi/irix32 versions+31
NVDsun/sunos4 versions+3
NVDbsdi/bsd_os2.0, 2.0.1, 2.1+2

Also affects: Netbsd 1.0, 1.1, 1.2, 1.2.1, 1.3, 1.3.1

🔴Vulnerability Details

2
GHSA
GHSA-p4fw-6pfr-4xqr: Inverse query buffer overflow in BIND 42022-05-03
CVEList
CVE-1999-0009: Inverse query buffer overflow in BIND 41999-09-29

💥Exploits & PoCs

2
Exploit-DB
ISC BIND (Linux/BSD) - Remote Buffer Overflow (1)1998-04-08
Exploit-DB
ISC BIND (Multiple OSes) - Remote Buffer Overflow (2)1998-04-08

🔍Detection Rules

1
Suricata
GPL DNS named iquery attempt2010-09-23
CVE-1999-0009 (CRITICAL CVSS 10) | Inverse query buffer overflow in BI | cvebase.io