Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0010Improper Restriction of Operations within the Bounds of a Memory Buffer in Bind

9 documents6 sources
Severity
10.0CRITICALNVD
EPSS
82.1%
top 0.79%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ISC Bind
Timeline
PublishedFeb 12
Latest updateApr 30

Description

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDisc/bind8.2, 8.2.1, 8.2.2+2

Patches

Patch: www.cert.orgPatch: www.securityfocus.comPatch: www.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-v5g5-g755-gf4v: Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges2022-04-30
CVEList
CVE-2001-0010: Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges2001-05-07

💥Exploits & PoCs

4
Exploit-DB
ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (4)2001-03-02
Exploit-DB
ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (1)2001-03-01
Exploit-DB
ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (2)2001-03-01
Exploit-DB
ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (3)2001-03-01

📋Vendor Advisories

1
Red Hat
security flaw2001-01-29

💬Community

1
Bugzilla
CVE-2001-0010 security flaw2018-08-16
CVE-2001-0010 — ISC Bind vulnerability | cvebase