CVE-2012-5688 — Improper Input Validation in Bind

CWE-20 — Improper Input Validation10 documents9 sources

Severity

7.8HIGHNVD

EPSS

7.6%

top 8.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 Canonical Ubuntu Linux ISC Bind

Timeline

PublishedDec 6

Latest updateMay 14

Description

ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶Debianisc/bind9< 1:9.8.4.dfsg.P1-1+3

▶NVDisc/bind6 versions+5

Also affects: Ubuntu Linux 12.04, 12.10

Patches

Patch: kb.isc.org ↗Patch: kb.isc.org ↗

🔴Vulnerability Details

GHSA

GHSA-vf43-m8wx-8xfh: ISC BIND 9↗2022-05-14

▶

CVEList

CVE-2012-5688: ISC BIND 9↗2012-12-06

▶

OSV

CVE-2012-5688: ISC BIND 9↗2012-12-06

▶

📋Vendor Advisories

BSD

FreeBSD-SA-13:01.bind: BIND remote DoS with deliberately crafted DNS64 query↗2013-02-19

▶

Ubuntu

Bind vulnerability↗2012-12-06

▶

Red Hat

bind: DoS on servers using DNS64↗2012-12-04

▶

Debian

CVE-2012-5688: bind9 - ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled,...↗2012

▶

💬Community

Bugzilla

CVE-2012-5688 bind: DoS on servers using DNS64↗2012-12-04

▶

Bugzilla

CVE-2012-5688 bind: DoS on servers using DNS64 [fedora-all]↗2012-12-04

▶