CVE-2012-3817 — Improper Input Validation in Bind

CWE-20 — Improper Input Validation10 documents9 sources

Severity

7.8HIGHNVD

EPSS

6.7%

top 8.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 ISC Bind

Timeline

PublishedJul 25

Latest updateMay 14

Description

ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶Debianisc/bind9< 1:9.8.1.dfsg.P1-4.2+3

▶NVDisc/bind28 versions+27

🔴Vulnerability Details

GHSA

GHSA-p54h-xvx8-c742: ISC BIND 9↗2022-05-14

▶

CVEList

CVE-2012-3817: ISC BIND 9↗2012-07-25

▶

OSV

CVE-2012-3817: ISC BIND 9↗2012-07-25

▶

📋Vendor Advisories

BSD

FreeBSD-SA-12:05.bind: named(8) DNSSEC validation Denial of Service↗2012-08-06

▶

Ubuntu

Bind vulnerability↗2012-07-26

▶

Red Hat

bind: heavy DNSSEC validation load can cause assertion failure↗2012-07-24

▶

Debian

CVE-2012-3817: bind9 - ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; ...↗2012

▶

💬Community

Bugzilla

CVE-2012-3817 bind: heavy DNSSEC validation load can cause assertion failure↗2012-07-24

▶

Bugzilla

CVE-2012-3817 bind: heavy DNSSEC validation load can cause assertion failure [fedora-all]↗2012-07-24

▶