CVE-2012-1667

HIGH

Description

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.

ID	Name	Product	Family	Severity
137170	OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)	Nessus	OracleVM Local Security Checks	critical
99569	OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)	Nessus	OracleVM Local Security Checks	critical
91739	OracleVM 3.2 : bind (OVMSA-2016-0055)	Nessus	OracleVM Local Security Checks	high
89039	VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)	Nessus	Misc.	high
86003	F5 Networks BIG-IP : BIND vulnerability (SOL13660)	Nessus	F5 Networks Local Security Checks	high
80593	Oracle Solaris Third-Party Patch Update : bind (cve_2012_1667_denial_of)	Nessus	Solaris Local Security Checks	high
74953	openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)	Nessus	SuSE Local Security Checks	high
74648	openSUSE Security Update : bind (openSUSE-SU-2012:0722-1)	Nessus	SuSE Local Security Checks	high
69691	Amazon Linux AMI : bind (ALAS-2012-84)	Nessus	Amazon Linux Local Security Checks	high
68680	Oracle Linux 4 : bind (ELSA-2012-2028)	Nessus	Oracle Linux Local Security Checks	high
68538	Oracle Linux 5 : bind97 (ELSA-2012-0717)	Nessus	Oracle Linux Local Security Checks	high
68537	Oracle Linux 5 / 6 : bind (ELSA-2012-0716)	Nessus	Oracle Linux Local Security Checks	high
6806	ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure	Nessus Network Monitor	DNS Servers	high
64112	SuSE 11.1 Security Update : bind (SAT Patch Number 6388)	Nessus	SuSE Local Security Checks	high
64111	SuSE 11.2 Security Update : bind (SAT Patch Number 6382)	Nessus	SuSE Local Security Checks	high
63724	AIX 5.3 TL 12 : bind9 (IV22625)	Nessus	AIX Local Security Checks	high
63723	AIX 7.1 TL 1 : bind9 (IV22557)	Nessus	AIX Local Security Checks	high
63722	AIX 7.1 TL 0 : bind9 (IV22556)	Nessus	AIX Local Security Checks	high
63721	AIX 6.1 TL 7 : bind9 (IV22555)	Nessus	AIX Local Security Checks	high
63720	AIX 6.1 TL 6 : bind9 (IV22554)	Nessus	AIX Local Security Checks	high
63167	Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2012-341-01)	Nessus	Slackware Local Security Checks	high
62944	VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console	Nessus	VMware ESX Local Security Checks	high
62237	GLSA-201209-04 : BIND: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
6584	Mac OS X 10.8 < 10.8.2 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
6583	Mac OS X 10.7 < 10.7.5 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
62215	Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
62214	Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)	Nessus	MacOS X Local Security Checks	critical
62213	Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)	Nessus	MacOS X Local Security Checks	critical
61325	Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20120607)	Nessus	Scientific Linux Local Security Checks	high
61324	Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20120607)	Nessus	Scientific Linux Local Security Checks	high
59764	Debian DSA-2486-1 : bind9 - denial of service	Nessus	Debian Local Security Checks	high
59749	FreeBSD : FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) (fc5231b6-c066-11e1-b5e0-000c299b62e1)	Nessus	FreeBSD Local Security Checks	high
59552	SuSE 10 Security Update : bind (ZYPP Patch Number 8169)	Nessus	SuSE Local Security Checks	high
59541	Fedora 15 : bind-9.8.3-2.P1.fc15 (2012-8962)	Nessus	Fedora Local Security Checks	high
59540	Fedora 16 : bind-9.8.3-2.P1.fc16 (2012-8946)	Nessus	Fedora Local Security Checks	high
59507	Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2012-166-01)	Nessus	Slackware Local Security Checks	high
59488	Fedora 17 : bind-9.9.1-2.P1.fc17 (2012-8968)	Nessus	Fedora Local Security Checks	high
59446	ISC BIND 9 Zero-Length RDATA Section Denial of Service / Information Disclosure	Nessus	DNS	high
59440	Mandriva Linux Security Advisory : bind (MDVSA-2012:089)	Nessus	Mandriva Local Security Checks	high
59424	RHEL 5 : bind97 (RHSA-2012:0717)	Nessus	Red Hat Local Security Checks	high
59423	RHEL 5 / 6 : bind (RHSA-2012:0716)	Nessus	Red Hat Local Security Checks	high
59414	CentOS 5 : bind97 (CESA-2012:0717)	Nessus	CentOS Local Security Checks	high
59413	CentOS 5 / 6 : bind (CESA-2012:0716)	Nessus	CentOS Local Security Checks	high
59386	Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerabilities (USN-1462-1)	Nessus	Ubuntu Local Security Checks	high
59361	FreeBSD : dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory (1ecc0d3f-ae8e-11e1-965b-0024e88a8c98)	Nessus	FreeBSD Local Security Checks	high

CVE-2012-1667

Description

References

Details

Risk Information

CVSS v2.0