CVE-2013-2266
published 2013-03-28CVE-2013-2266: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote…
high7.8CVSS 3.1
AVNACLAuNCNINAC
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Affected
29 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < bind9 1:9.8.4.dfsg.P1-6+nmu1 (bookworm) | bind9 1:9.8.4.dfsg.P1-6+nmu1 (bookworm) |
| debian | isc-dhcp | < isc-dhcp 4.2.4-6 (bookworm) | isc-dhcp 4.2.4-6 (bookworm) |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind9 | >= 0 < 1:9.8.4.dfsg.P1-6+nmu1 | 1:9.8.4.dfsg.P1-6+nmu1 |
| isc | bind9 | >= 0 < 1:9.8.4.dfsg.P1-6+nmu1 | 1:9.8.4.dfsg.P1-6+nmu1 |
| isc | bind9 | >= 0 < 1:9.8.4.dfsg.P1-6+nmu1 | 1:9.8.4.dfsg.P1-6+nmu1 |
| isc | bind9 | >= 0 < 1:9.8.4.dfsg.P1-6+nmu1 | 1:9.8.4.dfsg.P1-6+nmu1 |
| isc | dhcp | — | — |
| isc | dhcp | — | — |
CVSS provenance
nvd7.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH