CVE-2011-1910 — Reachable Assertion in Bind

CWE-1899 documents9 sources

Severity

5.0MEDIUMNVD

EPSS

11.9%

top 6.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 ISC Bind

Timeline

PublishedMay 31

Latest updateMay 13

Description

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianisc/bind9< 1:9.8.1.dfsg-1+3

▶NVDisc/bind47 versions+46

🔴Vulnerability Details

GHSA

GHSA-3wf6-qrm5-g4cj: Off-by-one error in named in ISC BIND 9↗2022-05-13

▶

CVEList

CVE-2011-1910: Off-by-one error in named in ISC BIND 9↗2011-05-31

▶

OSV

CVE-2011-1910: Off-by-one error in named in ISC BIND 9↗2011-05-31

▶

📋Vendor Advisories

Ubuntu

Bind vulnerabilities↗2011-05-30

▶

BSD

FreeBSD-SA-11:02.bind: BIND remote DoS with large RRSIG RRsets and negative caching↗2011-05-28

▶

Red Hat

bind: Large RRSIG RRsets and Negative Caching can crash named↗2011-05-26

▶

Debian

CVE-2011-1910: bind9 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2...↗2011

▶

💬Community

Bugzilla

CVE-2011-1910 bind: Large RRSIG RRsets and Negative Caching can crash named↗2011-05-27

▶