ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2013-0550.html | Third Party Advisory |
http://www.isc.org/software/bind/advisories/cve-2012-5689 | Vendor Advisory |
http://www.ubuntu.com/usn/USN-2693-1 | Third Party Advisory |
https://kb.isc.org/article/AA-00855/ | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2013-0550.html | Third Party Advisory |
http://www.isc.org/software/bind/advisories/cve-2012-5689 | Vendor Advisory |
http://www.ubuntu.com/usn/USN-2693-1 | Third Party Advisory |
https://kb.isc.org/article/AA-00855/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 01:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://rhn.redhat.com/errata/RHSA-2013-0550.html - Third Party Advisory | |
References | () http://www.isc.org/software/bind/advisories/cve-2012-5689 - Vendor Advisory | |
References | () http://www.ubuntu.com/usn/USN-2693-1 - Third Party Advisory | |
References | () https://kb.isc.org/article/AA-00855/ - Vendor Advisory |
Information
Published : 2013-01-25 12:00
Updated : 2024-11-21 01:45
NVD link : CVE-2012-5689
Mitre link : CVE-2012-5689
CVE.ORG link : CVE-2012-5689
JSON object : View
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_server_eus
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_hpc_node
- enterprise_linux_workstation
canonical
- ubuntu_linux
isc
- bind
CWE
CWE-20
Improper Input Validation