CVE-2013-2266

HIGH

Description

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

ID	Name	Product	Family	Severity
99569	OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)	Nessus	OracleVM Local Security Checks	critical
80247	OracleVM 3.3 : bind (OVMSA-2014-0084)	Nessus	OracleVM Local Security Checks	high
78148	F5 Networks BIG-IP : BIND vulnerability (K14386)	Nessus	F5 Networks Local Security Checks	high
74959	openSUSE Security Update : dhcp (openSUSE-SU-2013:0619-1)	Nessus	SuSE Local Security Checks	high
74958	openSUSE Security Update : dhcp (openSUSE-SU-2013:0620-1)	Nessus	SuSE Local Security Checks	high
74954	openSUSE Security Update : bind (openSUSE-2013-297)	Nessus	SuSE Local Security Checks	high
74953	openSUSE Security Update : bind (openSUSE-SU-2013:0605-1)	Nessus	SuSE Local Security Checks	high
72208	GLSA-201401-34 : BIND: Denial of Service	Nessus	Gentoo Local Security Checks	high
8008	Mac OS X 10.8 < 10.8.5 Multiple Vulnerabilities (Security Update 2013-004)	Nessus Network Monitor	Web Clients	critical
69878	Mac OS X Multiple Vulnerabilities (Security Update 2013-004)	Nessus	MacOS X Local Security Checks	critical
69877	Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
69735	Amazon Linux AMI : bind (ALAS-2013-176)	Nessus	Amazon Linux Local Security Checks	high
68800	Oracle Linux 5 : bind97 (ELSA-2013-0690)	Nessus	Oracle Linux Local Security Checks	high
68799	Oracle Linux 6 : bind (ELSA-2013-0689)	Nessus	Oracle Linux Local Security Checks	high
67098	CentOS 6 : bind (CESA-2013:0689)	Nessus	CentOS Local Security Checks	high
6811	ISC BIND 9 libdns Regular Expressions Handling DoS	Nessus Network Monitor	DNS Servers	high
66072	Mandriva Linux Security Advisory : bind (MDVSA-2013:058)	Nessus	Mandriva Local Security Checks	high
66020	SuSE 11.2 Security Update : dhcp (SAT Patch Number 7571)	Nessus	SuSE Local Security Checks	high
65844	FreeBSD : dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion (7a282e49-95b6-11e2-8433-0800273fe665)	Nessus	FreeBSD Local Security Checks	high
65840	FreeBSD : FreeBSD -- BIND remote denial of service (13031d98-9bd1-11e2-a7be-8c705af55518)	Nessus	FreeBSD Local Security Checks	high
65832	Fedora 17 : bind-9.9.2-7.P2.fc17 (2013-4533)	Nessus	Fedora Local Security Checks	high
65826	Fedora 18 : bind-9.9.2-10.P2.fc18 (2013-4525)	Nessus	Fedora Local Security Checks	high
65763	Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : bind9 vulnerability (USN-1783-1)	Nessus	Ubuntu Local Security Checks	high
65762	Scientific Linux Security Update : bind on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
65761	Scientific Linux Security Update : bind97 on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
65744	Debian DSA-2656-1 : bind9 - denial of service	Nessus	Debian Local Security Checks	high
65736	ISC BIND 9 libdns Regular Expression Handling DoS	Nessus	DNS	high
65729	RHEL 5 : bind97 (RHSA-2013:0690)	Nessus	Red Hat Local Security Checks	high
65728	RHEL 6 : bind (RHSA-2013:0689)	Nessus	Red Hat Local Security Checks	high
65726	CentOS 5 : bind97 (CESA-2013:0690)	Nessus	CentOS Local Security Checks	high
65706	Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : dhcp (SSA:2013-086-02)	Nessus	Slackware Local Security Checks	high
65705	Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : bind (SSA:2013-086-01)	Nessus	Slackware Local Security Checks	high

CVE-2013-2266

Description

References

Details

Risk Information

CVSS v2.0