Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0696

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0696
Last Modified 18 Jul 2011 10:25:43
Published 29 Jul 2009 01:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0696

Summary

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.

Vulnerable Systems

Application

  • Isc Bind 9.4

  • Isc Bind 9.4.0

  • Isc Bind 9.4.0a1

  • Isc Bind 9.4.0a2

  • Isc Bind 9.4.0a3

  • Isc Bind 9.4.0a4

  • Isc Bind 9.4.0a5

  • Isc Bind 9.4.0a6

  • Isc Bind 9.4.0b1

  • Isc Bind 9.4.0b2

  • Isc Bind 9.4.0b3

  • Isc Bind 9.4.0b4

  • Isc Bind 9.4.1

  • Isc Bind 9.4.2

  • Isc Bind 9.4.2-p2-w1

  • Isc Bind 9.4.3

  • Isc Bind 9.4.3b1

  • Isc Bind 9.4.3b2

  • Isc Bind 9.4.3b3

  • Isc Bind 9.5

  • Isc Bind 9.5.0

  • Isc Bind 9.5.0-p1

  • Isc Bind 9.5.0-p2

  • Isc Bind 9.5.0-p2-w1

  • Isc Bind 9.5.0-p2-w2

  • Isc Bind 9.5.0a1

  • Isc Bind 9.5.0a2

  • Isc Bind 9.5.0a3

  • Isc Bind 9.5.0a4

  • Isc Bind 9.5.0a5

  • Isc Bind 9.5.0a6

  • Isc Bind 9.5.0a7

  • Isc Bind 9.5.0b1

  • Isc Bind 9.5.0b2

  • Isc Bind 9.5.0b3

  • Isc Bind 9.5.1

  • Isc Bind 9.5.1b1

  • Isc Bind 9.5.1b2

  • Isc Bind 9.5.1b3

  • Isc Bind 9.6.0

  • Isc Bind 9.6.0a1

  • Isc Bind 9.6.0b1

  • Isc Bind 9.6.1


References

CERT-VN - VU#725188

CONFIRM - https://www.isc.org/node/474

FEDORA - FEDORA-2009-8119

VUPEN - ADV-2009-3316

VUPEN - ADV-2009-2247

VUPEN - ADV-2009-2171

VUPEN - ADV-2009-2088

VUPEN - ADV-2009-2036

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

UBUNTU - USN-808-1

SLACKWARE - SSA:2009-210-01

SECTRACK - 1022613

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

BUGTRAQ - 20090729 rPSA-2009-0113-1 bind bind-utils

OPENBSD - [4.4] 014: RELIABILITY FIX: July 29, 2009

CONFIRM - http://wiki.rpath.com/Advisories:rPSA-2009-0113

CONFIRM - http://up2date.astaro.com/2009/08/up2date_7505_released.html

SUNALERT - 1020788

SUNALERT - 264828

SECUNIA - 39334

SECUNIA - 37471

SECUNIA - 36192

SECUNIA - 36098

SECUNIA - 36086

SECUNIA - 36063

SECUNIA - 36056

SECUNIA - 36053

SECUNIA - 36050

SECUNIA - 36038

SECUNIA - 36035

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538975

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/bind_advisory.asc

CONFIRM - ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

NETBSD - NetBSD-SA2009-013

Related Patches

Apple 2009-08-12 Security Update 2009-003 2009-004 Server (Tiger PPC)

Apple 2009-08-12 Security Update 2009-003 2009-004 (Tiger PPC)

Apple 2009-08-12 Security Update 2009-004 (Leopard)

Novell SUSE 2009:6382 bind security update for SLE 10 SP2 i586


Last Updated: 27 May 2016 10:50:20