CVE-2012-5689 — Improper Input Validation in Bind

CWE-20 — Improper Input Validation10 documents8 sources

Severity

7.1HIGHNVD

EPSS

3.8%

top 11.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ISC Bind9 Canonical Ubuntu Linux ISC Bind +6 more

Timeline

PublishedJan 25

Latest updateMay 17

Description

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages6 packages

▶Debianisc/bind9< 1:9.8.4.dfsg.P1-6+nmu1+3

▶NVDisc/bind8 versions+7

▶NVDredhat/enterprise_linux_server6.0

▶NVDredhat/enterprise_linux_desktop6.0

▶NVDredhat/enterprise_linux_hpc_node6.0

Also affects: Ubuntu Linux 12.04, 14.04, 15.04, Enterprise Linux 6.4, 6.4.z

🔴Vulnerability Details

GHSA

GHSA-9253-pf7v-j2vx: ISC BIND 9↗2022-05-17

▶

OSV

bind9 vulnerabilities↗2015-07-28

▶

CVEList

CVE-2012-5689: ISC BIND 9↗2013-01-25

▶

OSV

CVE-2012-5689: ISC BIND 9↗2013-01-25

▶

📋Vendor Advisories

Ubuntu

Bind vulnerabilities↗2015-07-28

▶

Red Hat

bind: denial of service when processing queries and with both DNS64 and RPZ enabled↗2013-01-24

▶

Debian

CVE-2012-5689: bind9 - ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configura...↗2012

▶

💬Community

Bugzilla

CVE-2012-5689 bind: denial of service when processing queries and with both DNS64 and RPZ enabled [fedora-all]↗2013-01-24

▶

Bugzilla

CVE-2012-5689 bind: denial of service when processing queries and with both DNS64 and RPZ enabled↗2013-01-23

▶