ID CVE-2013-4854
Summary The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*
    cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux:11:*:desktop:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux:11:*:desktop:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*
  • cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*
    cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*
  • cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*
    cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*
  • cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*
    cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*
  • cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*
    cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
  • cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*
  • cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*
    cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
    cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
  • cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*
    cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 22-04-2019 - 17:48)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
oval via4
accepted 2015-04-20T04:01:29.911-04:00
class vulnerability
contributors
  • name Ganesh Manal
    organization Hewlett-Packard
  • name Prashant Kumar
    organization Hewlett-Packard
  • name Mike Cokus
    organization The MITRE Corporation
description The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
family unix
id oval:org.mitre.oval:def:19561
status accepted
submitted 2013-11-22T11:43:28.000-05:00
title HP-UX Running BIND, Remote Denial of Service (DoS)
version 41
redhat via4
advisories
  • bugzilla
    id 988999
    title CVE-2013-4854 bind: named crash with an assertion failure on parsing malformed rdata
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment bind is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114005
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651006
      • AND
        • comment bind-chroot is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114009
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651014
      • AND
        • comment bind-devel is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114015
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651016
      • AND
        • comment bind-libs is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114007
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651012
      • AND
        • comment bind-sdb is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114011
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651010
      • AND
        • comment bind-utils is earlier than 32:9.8.2-0.17.rc1.el6_4.5
          oval oval:com.redhat.rhsa:tst:20131114013
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651008
    rhsa
    id RHSA-2013:1114
    released 2013-07-30
    severity Important
    title RHSA-2013:1114: bind security update (Important)
  • bugzilla
    id 988999
    title CVE-2013-4854 bind: named crash with an assertion failure on parsing malformed rdata
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment bind97 is earlier than 32:9.7.0-17.P2.el5_9.2
          oval oval:com.redhat.rhsa:tst:20131115002
        • comment bind97 is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845003
      • AND
        • comment bind97-chroot is earlier than 32:9.7.0-17.P2.el5_9.2
          oval oval:com.redhat.rhsa:tst:20131115010
        • comment bind97-chroot is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845005
      • AND
        • comment bind97-devel is earlier than 32:9.7.0-17.P2.el5_9.2
          oval oval:com.redhat.rhsa:tst:20131115004
        • comment bind97-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845007
      • AND
        • comment bind97-libs is earlier than 32:9.7.0-17.P2.el5_9.2
          oval oval:com.redhat.rhsa:tst:20131115008
        • comment bind97-libs is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845009
      • AND
        • comment bind97-utils is earlier than 32:9.7.0-17.P2.el5_9.2
          oval oval:com.redhat.rhsa:tst:20131115006
        • comment bind97-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20110845011
    rhsa
    id RHSA-2013:1115
    released 2013-07-30
    severity Important
    title RHSA-2013:1115: bind97 security update (Important)
rpms
  • bind-32:9.8.2-0.17.rc1.el6_4.5
  • bind-chroot-32:9.8.2-0.17.rc1.el6_4.5
  • bind-devel-32:9.8.2-0.17.rc1.el6_4.5
  • bind-libs-32:9.8.2-0.17.rc1.el6_4.5
  • bind-sdb-32:9.8.2-0.17.rc1.el6_4.5
  • bind-utils-32:9.8.2-0.17.rc1.el6_4.5
  • bind97-32:9.7.0-17.P2.el5_9.2
  • bind97-chroot-32:9.7.0-17.P2.el5_9.2
  • bind97-devel-32:9.7.0-17.P2.el5_9.2
  • bind97-libs-32:9.7.0-17.P2.el5_9.2
  • bind97-utils-32:9.7.0-17.P2.el5_9.2
refmap via4
apple APPLE-SA-2014-10-16-3
bid 61479
bugtraq 20130806 [slackware-security] bind (SSA:2013-218-01)
confirm
debian DSA-2728
fedora
  • FEDORA-2013-13831
  • FEDORA-2013-13863
freebsd FreeBSD-SA-13:07
hp
  • HPSBUX02926
  • SSRT101281
mandriva MDVSA-2013:202
misc
sectrack 1028838
secunia
  • 54134
  • 54185
  • 54207
  • 54211
  • 54323
  • 54432
suse
  • SUSE-SU-2013:1310
  • openSUSE-SU-2013:1354
ubuntu USN-1910-1
xf isc-bind-cve20134854-dos(86004)
Last major update 22-04-2019 - 17:48
Published 29-07-2013 - 13:59
Back to Top