CVE-2011-2464 — Bind vulnerability

11 documents9 sources

Severity

5.0MEDIUMNVD

EPSS

45.0%

top 2.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 ISC Bind

Timeline

PublishedJul 8

Latest updateMay 14

Description

Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianisc/bind9< 1:9.8.1.dfsg-1+3

▶NVDisc/bind12 versions+11

🔴Vulnerability Details

GHSA

GHSA-pgw8-84wx-gr5w: Unspecified vulnerability in ISC BIND 9 9↗2022-05-14

▶

CVEList

CVE-2011-2464: Unspecified vulnerability in ISC BIND 9 9↗2011-07-08

▶

OSV

CVE-2011-2464: Unspecified vulnerability in ISC BIND 9 9↗2011-07-08

▶

📋Vendor Advisories

BSD

FreeBSD-SA-11:03.bind: Remote packet Denial of Service against named(8) servers↗2011-09-28

▶

Ubuntu

Bind vulnerability↗2011-07-05

▶

Red Hat

bind: Specially constructed packet will cause named to exit↗2011-07-05

▶

Debian

CVE-2011-2464: bind9 - Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before...↗2011

▶

💬Community

Bugzilla

CVE-2011-2464 CVE-2011-2465 bind various flaws [fedora-15]↗2011-07-05

▶

Bugzilla

CVE-2011-2464 bind: Specially constructed packet will cause named to exit↗2011-07-05

▶