Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2465

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2011-2465
Last Modified 06 Sep 2011 11:17:28
Published 08 Jul 2011 04:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-2465

Summary

Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.

Vulnerable Systems

Application

  • Isc Bind 9.8.0

  • Isc Bind 9.8.1


References

CERT-VN - VU#137968

CONFIRM - http://www.isc.org/software/bind/advisories/cve-2011-2465

XF - iscbind-rpz-dos(68374)

SECTRACK - 1025743

BID - 48565

BUGTRAQ - 20110705 Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations

SECUNIA - 45185

OSVDB - 73604

SUSE - SUSE-SA:2011:029

FEDORA - FEDORA-2011-9146


Last Updated: 27 May 2016 10:57:02