ID CVE-2011-4313
Summary query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
References
Vulnerable Configurations
  • ISC BIND 9.0
    cpe:2.3:a:isc:bind:9.0
  • ISC BIND 9.0.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.0:rc1
  • ISC BIND 9.0.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.0:rc2
  • ISC BIND 9.0.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.0.0:rc3
  • ISC BIND 9.0.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.0.0:rc4
  • ISC BIND 9.0.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.0.0:rc5
  • ISC BIND 9.0.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.0.0:rc6
  • ISC BIND 9.0.1
    cpe:2.3:a:isc:bind:9.0.1
  • ISC BIND 9.0.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.0.1:rc1
  • ISC BIND 9.0.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.0.1:rc2
  • ISC BIND 9.1
    cpe:2.3:a:isc:bind:9.1
  • ISC BIND 9.1.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.0:rc1
  • ISC BIND 9.1.1
    cpe:2.3:a:isc:bind:9.1.1
  • ISC BIND 9.1.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.1:rc1
  • ISC BIND 9.1.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.1:rc2
  • ISC BIND 9.1.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.1:rc3
  • ISC BIND 9.1.1 Release Candidate 4
    cpe:2.3:a:isc:bind:9.1.1:rc4
  • ISC BIND 9.1.1 Release Candidate 5
    cpe:2.3:a:isc:bind:9.1.1:rc5
  • ISC BIND 9.1.1 Release Candidate 6
    cpe:2.3:a:isc:bind:9.1.1:rc6
  • ISC BIND 9.1.1 Release Candidate 7
    cpe:2.3:a:isc:bind:9.1.1:rc7
  • ISC BIND 9.1.2
    cpe:2.3:a:isc:bind:9.1.2
  • ISC BIND 9.1.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.2:rc1
  • ISC BIND 9.1.3
    cpe:2.3:a:isc:bind:9.1.3
  • ISC BIND 9.1.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.1.3:rc1
  • ISC BIND 9.1.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.1.3:rc2
  • ISC BIND 9.1.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.1.3:rc3
  • ISC BIND 9.2.0
    cpe:2.3:a:isc:bind:9.2.0
  • ISC BIND 9.2.0 Alpha 1
    cpe:2.3:a:isc:bind:9.2.0:a1
  • ISC BIND 9.2.0 Alpha 2
    cpe:2.3:a:isc:bind:9.2.0:a2
  • ISC BIND 9.2.0 Alpha 3
    cpe:2.3:a:isc:bind:9.2.0:a3
  • ISC BIND 9.2.0 Beta 1
    cpe:2.3:a:isc:bind:9.2.0:b1
  • ISC BIND 9.2.0 Beta 2
    cpe:2.3:a:isc:bind:9.2.0:b2
  • ISC BIND 9.2.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.0:rc1
  • ISC BIND 9.2.0 Release Candidate 10
    cpe:2.3:a:isc:bind:9.2.0:rc10
  • ISC BIND 9.2.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.0:rc2
  • ISC BIND 9.2.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.0:rc3
  • ISC BIND 9.2.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.0:rc4
  • ISC BIND 9.2.0 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.0:rc5
  • ISC BIND 9.2.0 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.0:rc6
  • ISC BIND 9.2.0 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.0:rc7
  • ISC BIND 9.2.0 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.0:rc8
  • ISC BIND 9.2.0 Release Candidate 9
    cpe:2.3:a:isc:bind:9.2.0:rc9
  • ISC BIND 9.2.1
    cpe:2.3:a:isc:bind:9.2.1
  • ISC BIND 9.2.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.1:rc1
  • ISC BIND 9.2.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.1:rc2
  • ISC BIND 9.2.2
    cpe:2.3:a:isc:bind:9.2.2
  • ISC BIND 9.2.2 Patch 2
    cpe:2.3:a:isc:bind:9.2.2:p2
  • ISC BIND 9.2.2 P3
    cpe:2.3:a:isc:bind:9.2.2:p3
  • ISC BIND 9.2.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.2:rc1
  • ISC BIND 9.2.3
    cpe:2.3:a:isc:bind:9.2.3
  • ISC BIND 9.2.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.3:rc1
  • ISC BIND 9.2.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.3:rc2
  • ISC BIND 9.2.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.3:rc3
  • ISC BIND 9.2.3 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.3:rc4
  • ISC BIND 9.2.4
    cpe:2.3:a:isc:bind:9.2.4
  • ISC BIND 9.2.4 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.4:rc2
  • ISC BIND 9.2.4 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.4:rc3
  • ISC BIND 9.2.4 Release Candidate 4
    cpe:2.3:a:isc:bind:9.2.4:rc4
  • ISC BIND 9.2.4 Release Candidate 5
    cpe:2.3:a:isc:bind:9.2.4:rc5
  • ISC BIND 9.2.4 Release Candidate 6
    cpe:2.3:a:isc:bind:9.2.4:rc6
  • ISC BIND 9.2.4 Release Candidate 7
    cpe:2.3:a:isc:bind:9.2.4:rc7
  • ISC BIND 9.2.4 Release Candidate 8
    cpe:2.3:a:isc:bind:9.2.4:rc8
  • ISC BIND 9.2.5
    cpe:2.3:a:isc:bind:9.2.5
  • ISC BIND 9.2.5 Beta 2
    cpe:2.3:a:isc:bind:9.2.5:b2
  • ISC BIND 9.2.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.5:rc1
  • ISC BIND 9.2.6
    cpe:2.3:a:isc:bind:9.2.6
  • ISC BIND 9.2.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.6:rc1
  • ISC BIND 9.2.7
    cpe:2.3:a:isc:bind:9.2.7
  • ISC BIND 9.2.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.7:rc1
  • ISC BIND 9.2.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.2.7:rc2
  • ISC BIND 9.2.7 Release Candidate 3
    cpe:2.3:a:isc:bind:9.2.7:rc3
  • ISC BIND 9.2.8
    cpe:2.3:a:isc:bind:9.2.8
  • ISC BIND 9.2.9
    cpe:2.3:a:isc:bind:9.2.9
  • ISC BIND 9.2.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.2.9:rc1
  • ISC BIND 9.3
    cpe:2.3:a:isc:bind:9.3
  • ISC BIND 9.3.0
    cpe:2.3:a:isc:bind:9.3.0
  • ISC BIND 9.3.0 Beta 2
    cpe:2.3:a:isc:bind:9.3.0:b2
  • ISC BIND 9.3.0 Beta 3
    cpe:2.3:a:isc:bind:9.3.0:b3
  • ISC BIND 9.3.0 Beta 4
    cpe:2.3:a:isc:bind:9.3.0:b4
  • ISC BIND 9.3.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.0:rc1
  • ISC BIND 9.3.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.0:rc2
  • ISC BIND 9.3.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.0:rc3
  • ISC BIND 9.3.0 Release Candidate 4
    cpe:2.3:a:isc:bind:9.3.0:rc4
  • ISC BIND 9.3.1
    cpe:2.3:a:isc:bind:9.3.1
  • ISC BIND 9.3.1 Beta 2
    cpe:2.3:a:isc:bind:9.3.1:b2
  • ISC BIND 9.3.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.1:rc1
  • ISC BIND 9.3.2
    cpe:2.3:a:isc:bind:9.3.2
  • ISC BIND 9.3.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.2:rc1
  • ISC BIND 9.3.3
    cpe:2.3:a:isc:bind:9.3.3
  • ISC BIND 9.3.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.3:rc1
  • ISC BIND 9.3.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.3:rc2
  • ISC BIND 9.3.3 Release Candidate 3
    cpe:2.3:a:isc:bind:9.3.3:rc3
  • ISC BIND 9.3.4
    cpe:2.3:a:isc:bind:9.3.4
  • ISC BIND 9.3.5
    cpe:2.3:a:isc:bind:9.3.5
  • ISC BIND 9.3.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.5:rc1
  • ISC BIND 9.3.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.3.5:rc2
  • ISC BIND 9.3.6
    cpe:2.3:a:isc:bind:9.3.6
  • ISC BIND 9.3.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.3.6:rc1
  • ISC BIND 9.4
    cpe:2.3:a:isc:bind:9.4
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.4.3 rc1
    cpe:2.3:a:isc:bind:9.4.3:rc1
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.5.0 rc1
    cpe:2.3:a:isc:bind:9.5.0:rc1
  • ISC BIND 9.5.1
    cpe:2.3:a:isc:bind:9.5.1
  • ISC BIND 9.5.1 Beta 1
    cpe:2.3:a:isc:bind:9.5.1:b1
  • ISC BIND 9.5.1 Beta 2
    cpe:2.3:a:isc:bind:9.5.1:b2
  • ISC BIND 9.5.1 Beta 3
    cpe:2.3:a:isc:bind:9.5.1:b3
  • ISC BIND 9.5.1 rc1
    cpe:2.3:a:isc:bind:9.5.1:rc1
  • ISC BIND 9.5.1 rc2
    cpe:2.3:a:isc:bind:9.5.1:rc2
  • ISC BIND 9.5.2
    cpe:2.3:a:isc:bind:9.5.2
  • ISC BIND 9.5.2 Beta 1
    cpe:2.3:a:isc:bind:9.5.2:b1
  • ISC BIND 9.5.2 Patch 1
    cpe:2.3:a:isc:bind:9.5.2:p1
  • ISC BIND 9.5.2 Patch 2
    cpe:2.3:a:isc:bind:9.5.2:p2
  • ISC BIND 9.5.2 Patch 3
    cpe:2.3:a:isc:bind:9.5.2:p3
  • ISC BIND 9.5.2 Patch 4
    cpe:2.3:a:isc:bind:9.5.2:p4
  • ISC BIND 9.5.2 release candidate 1
    cpe:2.3:a:isc:bind:9.5.2:rc1
  • ISC BIND 9.5.3 Beta 1
    cpe:2.3:a:isc:bind:9.5.3:b1
  • ISC BIND 9.5.3 release candidate 1
    cpe:2.3:a:isc:bind:9.5.3:rc1
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.2 Beta 1
    cpe:2.3:a:isc:bind:9.6.2:b1
  • ISC BIND 9.6.2 Patch 1
    cpe:2.3:a:isc:bind:9.6.2:p1
  • ISC BIND 9.6.2 Patch 2
    cpe:2.3:a:isc:bind:9.6.2:p2
  • ISC BIND 9.6.2 Patch 3
    cpe:2.3:a:isc:bind:9.6.2:p3
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.3 Beta 1
    cpe:2.3:a:isc:bind:9.6.3:b1
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0-P4
    cpe:2.3:a:isc:bind:9.8.0:p4
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.1
    cpe:2.3:a:isc:bind:9.8.1
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
  • ISC BIND 9.8.1 B2
    cpe:2.3:a:isc:bind:9.8.1:b2
  • ISC BIND 9.8.1 B3
    cpe:2.3:a:isc:bind:9.8.1:b3
  • ISC BIND 9.8.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.1:rc1
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:-:-:-:esv
  • ISC BIND 9.4 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:b1:-:-:esv
  • ISC BIND 9.4 Release 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r1:-:-:esv
  • ISC BIND 9.4 Release 2 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r2:-:-:esv
  • ISC BIND 9.4 Release 3 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r3:-:-:esv
  • ISC BIND 9.4 Release 4 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4:-:-:esv
  • ISC BIND 9.4 Release 4 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r4-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5:-:-:esv
  • ISC BIND 9.4 Release 5 Beta 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-b1:-:-:esv
  • ISC BIND 9.4 Release 5 Patch 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-p1:-:-:esv
  • ISC BIND 9.4 Release 5 Release Candidate 1 Extended Support Version
    cpe:2.3:a:isc:bind:9.4:r5-rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
CVSS
Base: 5.0 (as of 04-04-2016 - 10:14)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_7_5.NASL
    description The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP - Profile Manager - QuickLook - QuickTime - Ruby - USB
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62214
    published 2012-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62214
    title Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_42727.NASL
    description s700_800 11.23 BIND 9.2.0 Revision 5.0 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBUX02729 SSRT100687) - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBUX02719 SSRT100658)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 56840
    published 2012-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56840
    title HP-UX PHNE_42727 : s700_800 11.23 BIND 9.2.0 Revision 5.0
  • NASL family AIX Local Security Checks
    NASL id AIX_IV09491.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63699
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63699
    title AIX 5.3 TL 12 : bind9 (IV09491)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV10049.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63701
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63701
    title AIX 7.1 TL 1 : bind9 (IV10049)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV11743.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63706
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63706
    title AIX 6.1 TL 6 : bind9 (IV11743)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV11742.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63705
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63705
    title AIX 6.1 TL 5 : bind9 (IV11742)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1496.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 56975
    published 2011-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56975
    title RHEL 4 : bind (RHSA-2011:1496)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-16057.NASL
    description Update to the 9.8.1-P1 security release which fixes CVE-2011-4313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56898
    published 2011-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56898
    title Fedora 16 : bind-9.8.1-4.P1.fc16 (2011-16057)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_BIND_20111202.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. (CVE-2011-4313)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80592
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80592
    title Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-16002.NASL
    description Update to the 9.7.4-P1 security release which fixes CVE-2011-4313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 56951
    published 2011-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56951
    title Fedora 14 : bind-9.7.4-2.P1.fc14 (2011-16002)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-1459.NASL
    description From Red Hat Security Advisory 2011:1459 : Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68392
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68392
    title Oracle Linux 5 : bind97 (ELSA-2011-1459)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV09978.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63700
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63700
    title AIX 6.1 TL 7 : bind9 (IV09978)
  • NASL family AIX Local Security Checks
    NASL id AIX_IV11744.NASL
    description An as-yet unidentified network event caused BIND 9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Furthermore, AIX BIND 9.4.1 is affected by the following three security vulnerabilities: CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling Error CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3 Record CVE-2009-0025 - BIND OpenSSL DSA_do_verify and EVP_VerifyFinal.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 63707
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63707
    title AIX 7.1 TL 0 : bind9 (IV11744)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201206-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201206-01 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : The vulnerabilities allow remote attackers to cause a Denial of Service (daemon crash) via a DNS query, to bypass intended access restrictions, to incorrectly cache a ncache entry and a rrsig for the same type and to incorrectly mark zone data as insecure. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 59629
    published 2012-06-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59629
    title GLSA-201206-01 : BIND: Multiple vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-1458.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 56879
    published 2011-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56879
    title CentOS 5 : bind (CESA-2011:1458)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1459.NASL
    description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 56867
    published 2011-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56867
    title RHEL 5 : bind97 (RHSA-2011:1459)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-1496.NASL
    description From Red Hat Security Advisory 2011:1496 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 68395
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68395
    title Oracle Linux 4 : bind (ELSA-2011-1496)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-1459.NASL
    description Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 56880
    published 2011-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56880
    title CentOS 5 : bind97 (CESA-2011:1459)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_BIND-111117.NASL
    description specially crafted DNS queries could crash the bind name server (CVE-2011-4313).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75441
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75441
    title openSUSE Security Update : bind (openSUSE-SU-2011:1272-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1458.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 56866
    published 2011-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56866
    title RHEL 5 / 6 : bind (RHSA-2011:1458)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-176.NASL
    description A vulnerability was discovered and corrected in bind : Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Update : Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory had wrong release numbers effectively preventing installation without excessive force due previous packaging mistakes. This advisory provides corrected packages to address the problem.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 56858
    published 2011-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56858
    title Mandriva Linux Security Advisory : bind (MDVSA-2011:176-2)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-1458.NASL
    description From Red Hat Security Advisory 2011:1458 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68391
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68391
    title Oracle Linux 5 / 6 : bind (ELSA-2011-1458)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20111129_BIND_ON_SL4_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61180
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61180
    title Scientific Linux Security Update : bind on SL4.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_BIND-111121.NASL
    description This update for bind fixes the issue that specially crafted DNS queries could crash the bind name server. (CVE-2011-4313) Additionally, a syntax check warning for include files as that one is failing on every include file that only provides a snippet for the overall configuration has been removed.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 57091
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57091
    title SuSE 11.1 Security Update : bind (SAT Patch Number 5462)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20111117_BIND97_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61177
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61177
    title Scientific Linux Security Update : bind97 on SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_BIND-111117.NASL
    description specially crafted DNS queries could crash the bind name server (CVE-2011-4313).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75795
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75795
    title openSUSE Security Update : bind (openSUSE-SU-2011:1272-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1264-1.NASL
    description It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 56861
    published 2011-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56861
    title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : bind9 vulnerability (USN-1264-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_BIND-7851.NASL
    description This update fixes the issue that specially crafted DNS queries could crash the bind name server. (CVE-2011-4313) Additionally, a syntax check warning complaining about every include file that only provides a snippet for the overall configuration has been removed.
    last seen 2019-02-21
    modified 2012-07-14
    plugin id 57162
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57162
    title SuSE 10 Security Update : bind (ZYPP Patch Number 7851)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL14204.NASL
    description ISC reports that query.c in BIND may allow remote attackers to cause a denial-of-service (assertion failure and named exit). The vulnerability uses unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. The affected versions of BIND are as follows :
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78144
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78144
    title F5 Networks BIG-IP : BIND vulnerability (SOL14204)
  • NASL family DNS
    NASL id BIND9_981_P1.NASL
    description According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. An unidentified network event causes BIND9 resolvers to cache an invalid record, subsequent queries for which could crash the resolvers with an assertion failure. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually affected.
    last seen 2019-02-21
    modified 2018-09-17
    plugin id 56862
    published 2011-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56862
    title ISC BIND 9 Query.c Logging Resolver Denial of Service
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_90CC149410AC11E1B3EC0024E830109B.NASL
    description The Internet Systems Consortium reports : Organizations across the Internet reported crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crashed after logging an error in query.c with the following message: 'INSIST(! dns_rdataset_isassociated(sigrdataset))' Multiple versions were reported being affected, including all currently supported release versions of ISC BIND 9. Because it may be possible to trigger this bug even on networks that do not allow untrusted users to access the recursive name servers (perhaps via specially crafted e-mail messages, and/or malicious web sites) it is recommended that ALL operators of recursive name servers upgrade immediately.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 56857
    published 2011-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56857
    title FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2011-13.NASL
    description - Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. (bnc#730995) CVE-2011-4313
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 74518
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74518
    title openSUSE Security Update : bind (openSUSE-2011-13)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-16036.NASL
    description Update to the 9.8.1-P1 security release which fixes CVE-2011-4313. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56952
    published 2011-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56952
    title Fedora 15 : bind-9.8.1-3.P1.fc15 (2011-16036)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2347.NASL
    description It was discovered that BIND, a DNS server, crashes while processing certain sequences of recursive DNS queries, leading to a denial of service. Authoritative-only server configurations are not affected by this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 56856
    published 2011-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56856
    title Debian DSA-2347-1 : bind9 - improper assert
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2011-24.NASL
    description A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion.
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 69583
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69583
    title Amazon Linux AMI : bind (ALAS-2011-24)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-1496.NASL
    description Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 56973
    published 2011-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56973
    title CentOS 4 : bind (CESA-2011:1496)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20111117_BIND_ON_SL5_X.NASL
    description The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 61178
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61178
    title Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_8_2.NASL
    description The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.2. The newer version contains multiple security-related fixes for the following components : - BIND - Data Security - LoginWindow - Mobile Accounts - PHP
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 62215
    published 2012-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62215
    title Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities
oval via4
accepted 2015-04-20T04:00:37.814-04:00
class vulnerability
contributors
  • name Yamini Mohan R
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Sushant Kumar Singh
    organization Hewlett-Packard
  • name Prashant Kumar
    organization Hewlett-Packard
  • name Mike Cokus
    organization The MITRE Corporation
description query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
family unix
id oval:org.mitre.oval:def:14343
status accepted
submitted 2012-01-30T11:33:19.000-05:00
title HP-UX Running BIND, Remote Denial of Service (DoS)
version 46
redhat via4
advisories
  • bugzilla
    id 754398
    title CVE-2011-4313 bind: Remote denial of service against recursive servers via logging negative cache entry
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment bind is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458005
          • comment bind is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975006
        • AND
          • comment bind-chroot is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458011
          • comment bind-chroot is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975012
        • AND
          • comment bind-devel is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458015
          • comment bind-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975010
        • AND
          • comment bind-libs is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458009
          • comment bind-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975016
        • AND
          • comment bind-sdb is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458007
          • comment bind-sdb is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975014
        • AND
          • comment bind-utils is earlier than 32:9.7.3-2.el6_1.P3.3
            oval oval:com.redhat.rhsa:tst:20111458013
          • comment bind-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100975008
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment bind is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458018
          • comment bind is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057003
        • AND
          • comment bind-chroot is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458026
          • comment bind-chroot is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057005
        • AND
          • comment bind-devel is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458024
          • comment bind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057007
        • AND
          • comment bind-libbind-devel is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458032
          • comment bind-libbind-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057015
        • AND
          • comment bind-libs is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458020
          • comment bind-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057017
        • AND
          • comment bind-sdb is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458030
          • comment bind-sdb is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057009
        • AND
          • comment bind-utils is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458028
          • comment bind-utils is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057011
        • AND
          • comment caching-nameserver is earlier than 30:9.3.6-16.P1.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111458022
          • comment caching-nameserver is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070057013
    rhsa
    id RHSA-2011:1458
    released 2011-11-17
    severity Important
    title RHSA-2011:1458: bind security update (Important)
  • bugzilla
    id 754398
    title CVE-2011-4313 bind: Remote denial of service against recursive servers via logging negative cache entry
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-6.P2.el5_7.4
          oval oval:com.redhat.rhsa:tst:20111459002
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-6.P2.el5_7.4
          oval oval:com.redhat.rhsa:tst:20111459008
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-6.P2.el5_7.4
          oval oval:com.redhat.rhsa:tst:20111459006
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-6.P2.el5_7.4
          oval oval:com.redhat.rhsa:tst:20111459004
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-6.P2.el5_7.4
          oval oval:com.redhat.rhsa:tst:20111459010
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
    rhsa
    id RHSA-2011:1459
    released 2011-11-17
    severity Important
    title RHSA-2011:1459: bind97 security update (Important)
  • bugzilla
    id 754398
    title CVE-2011-4313 bind: Remote denial of service against recursive servers via logging negative cache entry
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    • OR
      • AND
        • comment bind is earlier than 20:9.2.4-38.el4
          oval oval:com.redhat.rhsa:tst:20111496002
        • comment bind is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044003
      • AND
        • comment bind-chroot is earlier than 20:9.2.4-38.el4
          oval oval:com.redhat.rhsa:tst:20111496006
        • comment bind-chroot is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044009
      • AND
        • comment bind-devel is earlier than 20:9.2.4-38.el4
          oval oval:com.redhat.rhsa:tst:20111496010
        • comment bind-devel is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044005
      • AND
        • comment bind-libs is earlier than 20:9.2.4-38.el4
          oval oval:com.redhat.rhsa:tst:20111496004
        • comment bind-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044007
      • AND
        • comment bind-utils is earlier than 20:9.2.4-38.el4
          oval oval:com.redhat.rhsa:tst:20111496008
        • comment bind-utils is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070044011
    rhsa
    id RHSA-2011:1496
    released 2011-11-29
    severity Important
    title RHSA-2011:1496: bind security update (Important)
rpms
  • bind-32:9.7.3-2.el6_1.P3.3
  • bind-chroot-32:9.7.3-2.el6_1.P3.3
  • bind-devel-32:9.7.3-2.el6_1.P3.3
  • bind-libs-32:9.7.3-2.el6_1.P3.3
  • bind-sdb-32:9.7.3-2.el6_1.P3.3
  • bind-utils-32:9.7.3-2.el6_1.P3.3
  • bind-30:9.3.6-16.P1.el5_7.1
  • bind-chroot-30:9.3.6-16.P1.el5_7.1
  • bind-devel-30:9.3.6-16.P1.el5_7.1
  • bind-libbind-devel-30:9.3.6-16.P1.el5_7.1
  • bind-libs-30:9.3.6-16.P1.el5_7.1
  • bind-sdb-30:9.3.6-16.P1.el5_7.1
  • bind-utils-30:9.3.6-16.P1.el5_7.1
  • caching-nameserver-30:9.3.6-16.P1.el5_7.1
  • bind97-32:9.7.0-6.P2.el5_7.4
  • bind97-chroot-32:9.7.0-6.P2.el5_7.4
  • bind97-devel-32:9.7.0-6.P2.el5_7.4
  • bind97-libs-32:9.7.0-6.P2.el5_7.4
  • bind97-utils-32:9.7.0-6.P2.el5_7.4
  • bind-20:9.2.4-38.el4
  • bind-chroot-20:9.2.4-38.el4
  • bind-devel-20:9.2.4-38.el4
  • bind-libs-20:9.2.4-38.el4
  • bind-utils-20:9.2.4-38.el4
refmap via4
aixapar
  • IV11106
  • IV11248
apple APPLE-SA-2012-09-19-2
bid 50690
cert-vn VU#606539
confirm
debian DSA-2347
fedora
  • FEDORA-2011-16002
  • FEDORA-2011-16036
  • FEDORA-2011-16057
freebsd FreeBSD-SA-11:06
hp
  • HPSBOV02774
  • HPSBOV03226
  • HPSBUX02729
  • SSRT100684
  • SSRT100687
  • SSRT101004
mandriva MDVSA-2011:176
osvdb 77159
sectrack 1026335
secunia
  • 46536
  • 46829
  • 46887
  • 46890
  • 46905
  • 46906
  • 46943
  • 46984
  • 47043
  • 47075
  • 48308
suse
  • SUSE-SU-2011:1268
  • SUSE-SU-2011:1270
  • openSUSE-SU-2011:1272
ubuntu USN-1264-1
xf isc-bind-recursive-dos(71332)
Last major update 22-08-2016 - 22:04
Published 29-11-2011 - 12:55
Last modified 05-01-2018 - 21:29
Back to Top