CVE-2011-2464

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.

References

http://blogs.oracle.com/sunsecurity/entry/cve_2011_2464_remote_denial

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00006.html

http://marc.info/?l=bugtraq&m=131983337229394&w=2

http://osvdb.org/73605

http://secunia.com/advisories/45082

http://secunia.com/advisories/45089

http://secunia.com/advisories/45143

http://secunia.com/advisories/45177

http://secunia.com/advisories/45185

http://secunia.com/advisories/45223

http://secunia.com/advisories/45410

http://secunia.com/advisories/45412

http://support.apple.com/kb/HT5002

http://www.debian.org/security/2011/dsa-2272

http://www.isc.org/software/bind/advisories/cve-2011-2464

http://www.kb.cert.org/vuls/id/142646

http://www.mandriva.com/security/advisories?name=MDVSA-2011:115

http://www.redhat.com/support/errata/RHSA-2011-0926.html

http://www.securityfocus.com/archive/1/518749/100/0/threaded

http://www.securityfocus.com/bid/48566

http://www.securitytracker.com/id?1025742

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.377171

https://exchange.xforce.ibmcloud.com/vulnerabilities/68375

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13997

https://www.ubuntu.com/usn/USN-1163-1/

Details

Source: MITRE

Published: 2011-07-08

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2b1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
137170OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)NessusOracleVM Local Security Checks
high
99569OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)NessusOracleVM Local Security Checks
high
78130F5 Networks BIG-IP : BIND vulnerability (SOL12986)NessusF5 Networks Local Security Checks
medium
75794openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)NessusSuSE Local Security Checks
medium
75440openSUSE Security Update : bind (openSUSE-SU-2011:0788-1)NessusSuSE Local Security Checks
medium
68303Oracle Linux 5 / 6 : bind (ELSA-2011-0926)NessusOracle Linux Local Security Checks
medium
61080Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
59629GLSA-201206-01 : BIND: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
56840HP-UX PHNE_42727 : s700_800 11.23 BIND 9.2.0 Revision 5.0NessusHP-UX Local Security Checks
medium
57161SuSE 10 Security Update : bind (ZYPP Patch Number 7614)NessusSuSE Local Security Checks
medium
6039Mac OS X 10.7 < 10.7.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
56481Mac OS X Multiple Vulnerabilities (Security Update 2011-006)NessusMacOS X Local Security Checks
critical
56480Mac OS X 10.7.x < 10.7.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
55834Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2011-224-01)NessusSlackware Local Security Checks
medium
55704Slackware 13.37 / current : bind (SSA:2011-189-01)NessusSlackware Local Security Checks
medium
55657Fedora 14 : bind-9.7.4-0.3.b1.fc14 (2011-9127)NessusFedora Local Security Checks
medium
55634Mandriva Linux Security Advisory : bind (MDVSA-2011:115)NessusMandriva Local Security Checks
medium
55562Fedora 15 : bind-9.8.0-7.P4.fc15 (2011-9146)NessusFedora Local Security Checks
medium
55547SuSE 11.1 Security Update : bind (SAT Patch Number 4846)NessusSuSE Local Security Checks
medium
55539RHEL 5 / 6 : bind (RHSA-2011:0926)NessusRed Hat Local Security Checks
medium
55536CentOS 5 : bind97 (CESA-2011:0926)NessusCentOS Local Security Checks
medium
5982ISC BIND 9 Unspecified Packet Processing Remote DoSNessus Network MonitorDNS Servers
medium
55534ISC BIND 9 Unspecified Packet Processing Remote DoSNessusDNS
high
55522Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : bind9 vulnerability (USN-1163-1)NessusUbuntu Local Security Checks
medium
55518FreeBSD : BIND -- Remote DoS against authoritative and recursive servers (fd64188d-a71d-11e0-89b4-001ec9578670)NessusFreeBSD Local Security Checks
medium
55516Debian DSA-2272-1 : bind9 - denial of serviceNessusDebian Local Security Checks
medium