ID

VAR-201303-0312


CVE

CVE-2013-2266


TITLE

ISC BIND Regular Expression Handling Denial of Service Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201303-559

DESCRIPTION

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. The following are affected: ISC BIND 9.7.x ISC BIND 9.8.0 through versions 9.8.5-b1 ISC BIND 9.9.0 through versions 9.9.3-b1. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze10. For the testing distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu1. For the unstable distribution (sid), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu1. We recommend that you upgrade your bind9 packages. Release Date: 2013-04-30 Last Updated: 2013-06-14 Potential Security Impact: Remote Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). HP-UX B.11.31 running BIND 9.7.3 prior to C.9.7.3.2.0 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-2266 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided an updated version of the BIND service to resolve this vulnerability. This early release depot will be replaced by the June 2013 Web Upgrade, which is functionally identical. This update is available from the following location https://h20392.www2.hp.c om/portal/swdepot/displayProductInfo.do?productNumber=BIND BIND 9.7.3 for HP-UX Release Depot Name B.11.31 (PA and IA) bind973.depot MANUAL ACTIONS: Yes - Update Download and install the software update PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS For BIND 9.7.3 HP-UX B.11.31 ================== NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.7.3.2.0 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 30 April 2013 Initial release Version:2 (rev.2) - 14 June 2013 Revised location of update. Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: f36857a433daea597c4ec28038905d17 mes5/i586/bind-9.7.6-0.0.P4.0.2mdvmes5.2.i586.rpm 46c527cc9b22e9177e6fedf60c65925a mes5/i586/bind-devel-9.7.6-0.0.P4.0.2mdvmes5.2.i586.rpm a0bbe5405898b2a2ce7f513788a6a229 mes5/i586/bind-doc-9.7.6-0.0.P4.0.2mdvmes5.2.i586.rpm b321cb2a467724660df48cf92b3945f0 mes5/i586/bind-utils-9.7.6-0.0.P4.0.2mdvmes5.2.i586.rpm 890d003d00da0bfaf671313e85f46d1e mes5/SRPMS/bind-9.7.6-0.0.P4.0.2mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 08de2e6cfa579e00e253c37bea966307 mes5/x86_64/bind-9.7.6-0.0.P4.0.2mdvmes5.2.x86_64.rpm ae6189e64132f148a639360d66368fcb mes5/x86_64/bind-devel-9.7.6-0.0.P4.0.2mdvmes5.2.x86_64.rpm 4ee72b2b8917de78790060bb73018af9 mes5/x86_64/bind-doc-9.7.6-0.0.P4.0.2mdvmes5.2.x86_64.rpm c1dd1ebdd63f4cc9fbb83ca0b8a435e0 mes5/x86_64/bind-utils-9.7.6-0.0.P4.0.2mdvmes5.2.x86_64.rpm 890d003d00da0bfaf671313e85f46d1e mes5/SRPMS/bind-9.7.6-0.0.P4.0.2mdvmes5.2.src.rpm Mandriva Business Server 1/X86_64: 71ea4fee0536640c4f391b8ee8b39658 mbs1/x86_64/bind-9.9.2.P2-1.mbs1.x86_64.rpm 181b8e5ddaccb10365b4c03457f7c77b mbs1/x86_64/bind-devel-9.9.2.P2-1.mbs1.x86_64.rpm a7b06470573069c1a0ad207fa5ea401e mbs1/x86_64/bind-doc-9.9.2.P2-1.mbs1.noarch.rpm 88d2444424375c4ca05a860dfdc4e695 mbs1/x86_64/bind-sdb-9.9.2.P2-1.mbs1.x86_64.rpm fd09642c9a8350f4f633e58f33d39a12 mbs1/x86_64/bind-utils-9.9.2.P2-1.mbs1.x86_64.rpm 3c703696946399024c7b107e1d28e031 mbs1/SRPMS/bind-9.9.2.P2-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:04.bind Security Advisory The FreeBSD Project Topic: BIND remote denial of service Category: contrib Module: bind Announced: 2013-04-02 Credits: Matthew Horsfall of Dyn, Inc. Affects: FreeBSD 8.4-BETA1 and FreeBSD 9.x Corrected: 2013-03-28 05:35:46 UTC (stable/8, 8.4-BETA1) 2013-03-28 05:39:45 UTC (stable/9, 9.1-STABLE) 2013-04-02 17:34:42 UTC (releng/9.0, 9.0-RELEASE-p7) 2013-04-02 17:34:42 UTC (releng/9.1, 9.1-RELEASE-p2) CVE Name: CVE-2013-2266 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:http://security.FreeBSD.org/>. I. Background BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server. The libdns library is a library of DNS protocol support functions. II. This affects both recursive and authoritative servers. III. Impact A remote attacker can cause the named(8) daemon to consume all available memory and crash, resulting in a denial of service. Applications linked with the libdns library, for instance dig(1), may also be affected. IV. Workaround No workaround is available, but systems not running named(8) service and not using base system DNS utilities are not affected. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch # fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch.asc # gpg --verify bind.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch Recompile the operating system using buildworld and installworld as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html>. Restart the named daemon, or reboot the system. 3) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r248807 stable/9/ r248808 releng/9.0/ r249029 releng/9.1/ r249029 - ------------------------------------------------------------------------- VII. References https://kb.isc.org/article/AA-00871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-13:04.bind.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlFbGYYACgkQFdaIBMps37J4eACeNzJtWElzKJZCqXdzhrHEB+pu 1eoAn0oD7xcjoPOnB7H3xZbIeHldgGcI =BX1M -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-1783-1 March 29, 2013 bind9 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS Summary: Bind could be made to consume memory or crash if it received specially crafted network traffic. Software Description: - bind9: Internet Domain Name Server Details: Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. This issue was corrected by disabling RDATA regular expression syntax checking. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: bind9 1:9.8.1.dfsg.P1-4.2ubuntu3.2 libdns81 1:9.8.1.dfsg.P1-4.2ubuntu3.2 Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.6 libdns81 1:9.8.1.dfsg.P1-4ubuntu0.6 Ubuntu 11.10: bind9 1:9.7.3.dfsg-1ubuntu4.6 libdns69 1:9.7.3.dfsg-1ubuntu4.6 Ubuntu 10.04 LTS: bind9 1:9.7.0.dfsg.P1-1ubuntu0.9 libdns64 1:9.7.0.dfsg.P1-1ubuntu0.9 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1783-1 CVE-2013-2266 Package Information: https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4.2ubuntu3.2 https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.6 https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.6 https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.9 . (Windows versions are not affected. This condition can crash BIND 9 and will likely severely affect operation of other programs running on the same machine. Please Note: Versions of BIND 9.7 are beyond their "end of life" (EOL) and no longer receive testing or security fixes from ISC. However, the re-compilation method described in the "Workarounds" section of this document will prevent exploitation in BIND 9.7 as well as in currently supported versions. For current information on which versions are actively supported, please see http://www.isc.org/software/bind/versions. Additional information is available in the CVE-2013-2266 FAQ and Supplemental Information article in the ISC Knowledge base, https://kb.isc.org/article/AA-00879. Additionally, other services which run on the same physical machine as an affected BIND server could be compromised as well through exhaustion of system memory. Programs using the libdns library from affected versions of BIND are also potentially vulnerable to exploitation of this bug if they can be forced to accept input which triggers the condition. Tools which are linked against libdns (e.g. dig) should also be rebuilt or upgraded, even if named is not being used. CVSS Score: 7.8 CVSS Equation: (AV:N/AC:L/Au:N/C:N/I:N/A:C) For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C) Workarounds: Patched versions are available (see the "Solutions:" section below) or operators can prevent exploitation of this bug in any affected version of BIND 9 by compiling without regular expression support. Compilation without regular expression support: BIND 9.7 (all versions), BIND 9.8 (9.8.0 through 9.8.5b1), and BIND 9.9 (9.9.0 through 9.9.3b1) can be rendered completely safe from this bug by re-compiling the source with regular expression support disabled. In order to disable inclusion of regular expression support: After configuring BIND features as desired using the configure script in the top level source directory, manually edit the "config.h" header file that was produced by the configure script. Locate the line that reads "#define HAVE_REGEX_H 1" and replace the contents of that line with "#undef HAVE_REGEX_H". Run "make clean" to remove any previously compiled object files from the BIND 9 source directory, then proceed to make and install BIND normally. Active exploits: No known active exploits. Solution: Compile BIND 9 without regular expression support as described in the "Workarounds" section of this advisory or upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads/all. for discovering this bug and bringing it to our attention

Trust: 1.89

sources: NVD: CVE-2013-2266 // BID: 58736 // VULMON: CVE-2013-2266 // PACKETSTORM: 121569 // PACKETSTORM: 121028 // PACKETSTORM: 122120 // PACKETSTORM: 121132 // PACKETSTORM: 121059 // PACKETSTORM: 121017 // PACKETSTORM: 120975

AFFECTED PRODUCTS

vendor:iscmodel:bindscope:eqversion:9.8.4

Trust: 1.9

vendor:iscmodel:bindscope:eqversion:9.7.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.5

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.1

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.8.0

Trust: 1.6

vendor:iscmodel:bindscope:eqversion:9.7.4

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.2

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.9.2

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.9.1

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.9.0

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.8.3

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.6

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.3

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.7.1

Trust: 1.3

vendor:iscmodel:bindscope:eqversion:9.8.2

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.7.5

Trust: 1.0

vendor:iscmodel:bindscope:eqversion:9.9.3

Trust: 1.0

vendor:iscmodel:bind p1scope:eqversion:9.7.1

Trust: 0.6

vendor:iscmodel:bind p2scope:eqversion:9.7.0

Trust: 0.6

vendor:ubuntumodel:linux i386scope:eqversion:12.10

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:12.10

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.37

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.37

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:12.2

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:12.1

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop workstation clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:mcafeemodel:firewall enterprisescope:eqversion:8.3.1

Trust: 0.3

vendor:mcafeemodel:firewall enterprise 8.2.1p04scope: - version: -

Trust: 0.3

vendor:mcafeemodel:firewall enterprise 8.2.1p03scope: - version: -

Trust: 0.3

vendor:mcafeemodel:firewall enterprisescope:eqversion:8.2.1

Trust: 0.3

vendor:mcafeemodel:firewall enterprisescope:eqversion:7.0.1.03

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:iscmodel:bindscope:eqversion:9.8

Trust: 0.3

vendor:iscmodel:bind 9.9.3-b1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.9.2-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.9.1-p4scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.9.1-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.9.1-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.9.1-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.5-b1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.4-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.3-p4scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.3-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.3-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.3-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.1b1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.1-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.0-p4scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.0-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.0-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.8.0-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bindscope:eqversion:9.7.7

Trust: 0.3

vendor:iscmodel:bind 9.7.6-p4scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.6-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.6-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.6-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.4b1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.4-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.3-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.3-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.3-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.2-p3scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.2-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.2-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.1-p2scope: - version: -

Trust: 0.3

vendor:iscmodel:bind 9.7.0-p1scope: - version: -

Trust: 0.3

vendor:iscmodel:bindscope:eqversion:9.7

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-release-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1-rc2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.1--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.1

Trust: 0.3

vendor:freebsdmodel:9.0-stablescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-release-p6scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-releasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc3scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0-rc1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.0--relengscope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.0

Trust: 0.3

vendor:freebsdmodel:8.4-beta1scope: - version: -

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.1

Trust: 0.3

vendor:f5model:enterprise managerscope:eqversion:3.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip pemscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.3

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:f5model:big-ip afmscope:eqversion:11.3

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:iscmodel:bind 9.9.2-p2scope:neversion: -

Trust: 0.3

vendor:iscmodel:bind 9.8.4-p2scope:neversion: -

Trust: 0.3

vendor:f5model:enterprise managerscope:neversion:3.1.1

Trust: 0.3

vendor:f5model:enterprise managerscope:neversion:2.3

Trust: 0.3

vendor:f5model:enterprise managerscope:neversion:2.0

Trust: 0.3

vendor:f5model:enterprise managerscope:neversion:1.8

Trust: 0.3

vendor:f5model:enterprise managerscope:neversion:1.6

Trust: 0.3

vendor:f5model:big-ip womscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip womscope:neversion:10.0

Trust: 0.3

vendor:f5model:big-ip wom hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:neversion:9.4.80

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip psmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip psmscope:neversion:10.0

Trust: 0.3

vendor:f5model:big-ip psmscope:neversion:9.4.8

Trust: 0.3

vendor:f5model:big-ip psmscope:neversion:9.4.5

Trust: 0.3

vendor:f5model:big-ip psm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psm hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip pem hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:10.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:9.6.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:9.4.8

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:9.0

Trust: 0.3

vendor:f5model:big-ip ltm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip ltm hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:neversion:9.4.80

Trust: 0.3

vendor:f5model:big-ip link controllerscope:neversion:10.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:neversion:9.2.2

Trust: 0.3

vendor:f5model:big-ip link controller hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip link controller hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controller hf4scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:10.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:9.4.8

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:9.2.2

Trust: 0.3

vendor:f5model:big-ip gtm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip gtm hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip edge gateway hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip edge gateway hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:10.1

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:9.4.80

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.2.40

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:10.0.00

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:9.2

Trust: 0.3

vendor:f5model:big-ip asm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip asm hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:10.1

Trust: 0.3

vendor:f5model:big-ip analytics hf4scope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf5scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip analytics hf7scope:neversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip afm hf4scope:neversion:11.3.0

Trust: 0.3

vendor:applemodel:mac osscope:neversion:x10.8.5

Trust: 0.3

sources: BID: 58736 // CNNVD: CNNVD-201303-559 // NVD: CVE-2013-2266

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-2266
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201303-559
value: HIGH

Trust: 0.6

VULMON: CVE-2013-2266
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-2266
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2013-2266 // CNNVD: CNNVD-201303-559 // NVD: CVE-2013-2266

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

sources: NVD: CVE-2013-2266

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 121028 // PACKETSTORM: 121132 // PACKETSTORM: 121017 // CNNVD: CNNVD-201303-559

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201303-559

PATCH

title:Red Hat: Important: bind97 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20130690 - Security Advisory

Trust: 0.1

title:Red Hat: Important: bind security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20130689 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: CVE-2013-2266url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=ce9346ea3ea8bc38b5a8f240aadc63ad

Trust: 0.1

title:Debian Security Advisories: DSA-2656-1 bind9 -- denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=2301cf18a199518ef55a5962b8bf2d8f

Trust: 0.1

title:Ubuntu Security Notice: bind9 vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1783-1

Trust: 0.1

title:Debian CVElist Bug Report Logs: bind9: CVE-2012-5689url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=4c4483f2e7e7c504072dc3dc6ef8958d

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-176url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-176

Trust: 0.1

title:Red Hat: CVE-2013-2266url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2013-2266

Trust: 0.1

sources: VULMON: CVE-2013-2266

EXTERNAL IDS

db:NVDid:CVE-2013-2266

Trust: 2.7

db:ISCid:AA-00871

Trust: 1.8

db:ISCid:AA-00879

Trust: 1.8

db:BIDid:58736

Trust: 1.4

db:SECUNIAid:52782

Trust: 0.6

db:CNNVDid:CNNVD-201303-559

Trust: 0.6

db:VULMONid:CVE-2013-2266

Trust: 0.1

db:PACKETSTORMid:121569

Trust: 0.1

db:PACKETSTORMid:121028

Trust: 0.1

db:PACKETSTORMid:122120

Trust: 0.1

db:PACKETSTORMid:121132

Trust: 0.1

db:PACKETSTORMid:121059

Trust: 0.1

db:PACKETSTORMid:121017

Trust: 0.1

db:PACKETSTORMid:120975

Trust: 0.1

sources: VULMON: CVE-2013-2266 // BID: 58736 // PACKETSTORM: 121569 // PACKETSTORM: 121028 // PACKETSTORM: 122120 // PACKETSTORM: 121132 // PACKETSTORM: 121059 // PACKETSTORM: 121017 // PACKETSTORM: 120975 // CNNVD: CNNVD-201303-559 // NVD: CVE-2013-2266

REFERENCES

url:http://www.isc.org/software/bind/advisories/cve-2013-2266

Trust: 1.7

url:https://kb.isc.org/article/aa-00879/

Trust: 1.7

url:https://kb.isc.org/article/aa-00871/

Trust: 1.7

url:http://support.apple.com/kb/ht5880

Trust: 1.4

url:http://www.ubuntu.com/usn/usn-1783-1

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2013-0690.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2013-0689.html

Trust: 1.1

url:http://www.debian.org/security/2013/dsa-2656

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=136804614120794&w=2

Trust: 1.1

url:http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2013-april/101603.html

Trust: 1.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2013-april/101500.html

Trust: 1.1

url:http://www.securityfocus.com/bid/58736

Trust: 1.1

url:http://linux.oracle.com/errata/elsa-2014-1244

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19579

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2266

Trust: 0.7

url:http://secunia.com/advisories/52782

Trust: 0.6

url:http://www.isc.org/products/bind/

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100171618

Trust: 0.3

url:msg://bugtraq/201304021804.r32i4b2i046008@freefall.freebsd.org

Trust: 0.3

url:http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta

Trust: 0.3

url:https://kc.mcafee.com/corporate/index?page=content&id=kb77902

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14386.html

Trust: 0.3

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.2

url:https://www.hp.com/go/swa

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2266

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2013:0690

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=28730

Trust: 0.1

url:https://usn.ubuntu.com/1783-1/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2013-2266

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://www.debian.org/security/

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:https://h20392.www2.hp.c

Trust: 0.1

url:http://www.mandriva.com/en/support/security/

Trust: 0.1

url:http://www.mandriva.com/en/support/security/advisories/

Trust: 0.1

url:http://www.freebsd.org/handbook/makeworld.html>.

Trust: 0.1

url:http://security.freebsd.org/>.

Trust: 0.1

url:http://security.freebsd.org/patches/sa-13:04/bind.patch.asc

Trust: 0.1

url:https://kb.isc.org/article/aa-00871

Trust: 0.1

url:http://security.freebsd.org/advisories/freebsd-sa-13:04.bind.asc

Trust: 0.1

url:http://security.freebsd.org/patches/sa-13:04/bind.patch

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.p1-1ubuntu0.9

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4.2ubuntu3.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.6

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.6

Trust: 0.1

url:http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(av:n/ac:l/au:n/c:n/i:n/a:c)

Trust: 0.1

url:http://www.isc.org/downloads/all.

Trust: 0.1

url:https://kb.isc.org/article/aa-00879.

Trust: 0.1

url:http://www.isc.org/software/bind/versions.

Trust: 0.1

sources: VULMON: CVE-2013-2266 // BID: 58736 // PACKETSTORM: 121569 // PACKETSTORM: 121028 // PACKETSTORM: 122120 // PACKETSTORM: 121132 // PACKETSTORM: 121059 // PACKETSTORM: 121017 // PACKETSTORM: 120975 // CNNVD: CNNVD-201303-559 // NVD: CVE-2013-2266

CREDITS

Matthew Horsfall of Dyn, Inc.

Trust: 0.3

sources: BID: 58736

SOURCES

db:VULMONid:CVE-2013-2266
db:BIDid:58736
db:PACKETSTORMid:121569
db:PACKETSTORMid:121028
db:PACKETSTORMid:122120
db:PACKETSTORMid:121132
db:PACKETSTORMid:121059
db:PACKETSTORMid:121017
db:PACKETSTORMid:120975
db:CNNVDid:CNNVD-201303-559
db:NVDid:CVE-2013-2266

LAST UPDATE DATE

2024-11-22T21:24:02.786000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2013-2266date:2018-10-30T00:00:00
db:BIDid:58736date:2015-04-13T21:48:00
db:CNNVDid:CNNVD-201303-559date:2013-04-02T00:00:00
db:NVDid:CVE-2013-2266date:2018-10-30T16:27:02.577

SOURCES RELEASE DATE

db:VULMONid:CVE-2013-2266date:2013-03-28T00:00:00
db:BIDid:58736date:2013-03-26T00:00:00
db:PACKETSTORMid:121569date:2013-05-08T19:22:00
db:PACKETSTORMid:121028date:2013-03-31T19:22:00
db:PACKETSTORMid:122120date:2013-06-21T23:55:00
db:PACKETSTORMid:121132date:2013-04-08T21:11:06
db:PACKETSTORMid:121059date:2013-04-03T18:22:22
db:PACKETSTORMid:121017date:2013-03-30T01:53:40
db:PACKETSTORMid:120975date:2013-03-27T15:55:55
db:CNNVDid:CNNVD-201303-559date:2013-03-28T00:00:00
db:NVDid:CVE-2013-2266date:2013-03-28T16:55:01.040