Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0033

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0033
Last Modified 05 Sep 2008 04:45:07
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0033

Summary

Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.

Vulnerable Systems

Application

  • Isc Bind 8.4.4

  • Isc Bind 8.4.5


References

CERT-VN - VU#327633

MISC - http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html

CONFIRM - http://www.isc.org/index.pl?/sw/bind/bind8.php

CONFIRM - http://www.isc.org/index.pl?/sw/bind/bind-security.php

XF - bind-qusedns-bo(19063)

BID - 12364

SECTRACK - 1012996

SECUNIA - 18291

SECUNIA - 14009

SCO - SCOSA-2006.1


Last Updated: 27 May 2016 10:39:38