CVE-2000-0887
published 2000-12-19CVE-2000-0887: named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a…
PriorityP423medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
22.94%
97.5th percentile
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| isc | bind | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2000-11-07·CVSS 5.0
CVE-2000-0887 [MEDIUM] security flaw
security flaw
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
Statement: This issue was fixed in the following products:
- Red Hat Linux 5.2 - RHSA-2000:107 (2000-11-16)
- Red Hat Linux 6.0 - RHSA-2000:107 (2000-11-16)
- Red Hat Linux 6.1 - RHSA-2000:107 (2000-11-16)
- Red Hat Linux 6.2 - RHSA-2000:107 (2000-11-16)
- Red Hat Linux 7.0 - RHSA-2000:107 (2000-11-16)
GHSA
GHSA-fjf9-x8mw-r853: named in BIND 8
ghsa_unreviewed·2022-04-30
CVE-2000-0887 [MEDIUM] GHSA-fjf9-x8mw-r853: named in BIND 8
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
No detection rules found.
http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.htmlhttp://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.htmlhttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067http://www.cert.org/advisories/CA-2000-20.htmlhttp://www.debian.org/security/2000/20001112http://www.redhat.com/support/errata/RHSA-2000-107.htmlhttp://www.securityfocus.com/archive/1/143843http://www.securityfocus.com/bid/1923https://exchange.xforce.ibmcloud.com/vulnerabilities/5540http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.htmlhttp://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.htmlhttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067http://www.cert.org/advisories/CA-2000-20.htmlhttp://www.debian.org/security/2000/20001112http://www.redhat.com/support/errata/RHSA-2000-107.htmlhttp://www.securityfocus.com/archive/1/143843http://www.securityfocus.com/bid/1923https://exchange.xforce.ibmcloud.com/vulnerabilities/5540
2000-12-19
Published