CVE-2011-2465 — Bind vulnerability

9 documents7 sources

Severity

2.6LOWNVD

EPSS

14.0%

top 5.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 ISC Bind

Timeline

PublishedJul 8

Latest updateMay 14

Description

Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶Debianisc/bind9< 1:9.8.1.dfsg.P1-1+3

▶NVDisc/bind9.8.0, 9.8.1+1

Patches

Patch: www.isc.org ↗Patch: www.isc.org ↗

🔴Vulnerability Details

GHSA

GHSA-mq9v-93wj-m5jw: Unspecified vulnerability in ISC BIND 9 9↗2022-05-14

▶

CVEList

CVE-2011-2465: Unspecified vulnerability in ISC BIND 9 9↗2011-07-08

▶

OSV

CVE-2011-2465: Unspecified vulnerability in ISC BIND 9 9↗2011-07-08

▶

📋Vendor Advisories

Red Hat

bind: Remote Crash with Certain RPZ Configurations↗2011-07-05

▶

Debian

CVE-2011-2465: bind9 - Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, ...↗2011

▶

💬Community

Bugzilla

CVE-2011-2464 CVE-2011-2465 bind various flaws [fedora-15]↗2011-07-05

▶

Bugzilla

CVE-2011-2465 bind: Remote Crash with Certain RPZ Configurations [fedora-rawhide]↗2011-07-05

▶

Bugzilla

CVE-2011-2465 bind: Remote Crash with Certain RPZ Configurations↗2011-07-05

▶