Executive Summary

Informations
NameCVE-2001-0010First vendor Publication2001-02-12
VendorCveLast vendor Modification2008-09-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides administrator access : Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0010

CPE : Common Platform Enumeration

TypeDescriptionCount
Application10

OpenVAS Exploits

DateDescription
2008-01-17Name : Debian Security Advisory DSA 026-1 (bind)
File : nvt/deb_026_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
14795ISC BIND TSIG Handling Code Remote Overflow

Snort® IPS/IDS

DateDescription
2014-01-10Bind Buffer Overflow named tsig overflow attempt
RuleID : 314-community - Revision : 22 - Type : SERVER-OTHER
2014-01-10Bind Buffer Overflow named tsig overflow attempt
RuleID : 314 - Revision : 22 - Type : SERVER-OTHER
2014-01-10Bind Buffer Overflow named tsig overflow attempt
RuleID : 303-community - Revision : 23 - Type : SERVER-OTHER
2014-01-10Bind Buffer Overflow named tsig overflow attempt
RuleID : 303 - Revision : 23 - Type : SERVER-OTHER
2014-01-10TCP inverse query
RuleID : 2922-community - Revision : 10 - Type : PROTOCOL-DNS
2014-01-10TCP inverse query
RuleID : 2922 - Revision : 10 - Type : PROTOCOL-DNS
2014-01-10UDP inverse query
RuleID : 2921-community - Revision : 10 - Type : PROTOCOL-DNS
2014-01-10UDP inverse query
RuleID : 2921 - Revision : 10 - Type : PROTOCOL-DNS

Nessus® Vulnerability Scanner

DateDescription
2004-09-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-026.nasl - Type : ACT_GATHER_INFO
2001-01-29Name : It is possible to use the remote name server to break into the remote host.
File : bind_covert_overflows.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/2302
CERThttp://www.cert.org/advisories/CA-2001-02.html
DEBIANhttp://www.debian.org/security/2001/dsa-026
NAIhttp://www.nai.com/research/covert/advisories/047.asp
REDHAThttp://www.redhat.com/support/errata/RHSA-2001-007.html

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-02-17 10:23:28
  • Multiple Updates
2014-01-19 21:21:18
  • Multiple Updates
2013-05-11 12:02:37
  • Multiple Updates