CVE-2012-5688

high

Description

ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

References

http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

http://rhn.redhat.com/errata/RHSA-2012-1549.html

http://support.apple.com/kb/HT5880

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004

http://www.ubuntu.com/usn/USN-1657-1

https://kb.isc.org/article/AA-00828

Details

Source: MITRE

Published: 2012-12-06

Updated: 2018-12-06

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:9.8.0:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.2:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.3:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.3:p4:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:isc:bind:9.9.0:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.1:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.9.1:p4:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 137170 | OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021) | Nessus | OracleVM Local Security Checks | high |
| 99569 | OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066) | Nessus | OracleVM Local Security Checks | high |
| 74953 | openSUSE Security Update : bind (openSUSE-SU-2013:0605-1) | Nessus | SuSE Local Security Checks | high |
| 74845 | openSUSE Security Update : bind (openSUSE-SU-2012:1649-1) | Nessus | SuSE Local Security Checks | high |
| 72208 | GLSA-201401-34 : BIND: Denial of Service | Nessus | Gentoo Local Security Checks | high |
| 8008 | Mac OS X 10.8 < 10.8.5 Multiple Vulnerabilities (Security Update 2013-004) | Nessus Network Monitor | Web Clients | critical |
| 69878 | Mac OS X Multiple Vulnerabilities (Security Update 2013-004) | Nessus | MacOS X Local Security Checks | critical |
| 69877 | Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
| 69636 | Amazon Linux AMI : bind (ALAS-2012-146) | Nessus | Amazon Linux Local Security Checks | high |
| 68664 | Oracle Linux 6 : bind (ELSA-2012-1549) | Nessus | Oracle Linux Local Security Checks | high |
| 6810 | ISC BIND 9 DNS64 Handling DoS | Nessus Network Monitor | DNS Servers | medium |
| 64792 | FreeBSD : FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query (4671cdc9-7c6d-11e2-809b-6c626d99876c) | Nessus | FreeBSD Local Security Checks | high |
| 63360 | Fedora 16 : bind-9.8.4-3.P1.fc16 (2012-19822) | Nessus | Fedora Local Security Checks | high |
| 63255 | Fedora 17 : bind-9.9.2-3.P1.fc17 (2012-19830) | Nessus | Fedora Local Security Checks | high |
| 63215 | Fedora 18 : bind-9.9.2-5.P1.fc18 (2012-19777) | Nessus | Fedora Local Security Checks | high |
| 63191 | Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20121206) | Nessus | Scientific Linux Local Security Checks | high |
| 63187 | CentOS 6 : bind (CESA-2012:1549) | Nessus | CentOS Local Security Checks | high |
| 63184 | Ubuntu 12.04 LTS / 12.10 : bind9 vulnerability (USN-1657-1) | Nessus | Ubuntu Local Security Checks | high |
| 63182 | RHEL 6 : bind (RHSA-2012:1549) | Nessus | Red Hat Local Security Checks | high |
| 63167 | Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2012-341-01) | Nessus | Slackware Local Security Checks | high |
| 63166 | ISC BIND 9 DNS64 Handling DoS | Nessus | DNS | high |
| 63161 | Mandriva Linux Security Advisory : bind (MDVSA-2012:177) | Nessus | Mandriva Local Security Checks | high |
| 63159 | FreeBSD : dns/bind9* -- servers using DNS64 can be crashed by a crafted query (2892a8e2-3d68-11e2-8e01-0800273fe665) | Nessus | FreeBSD Local Security Checks | high |