CVE-2011-2464

Executive Summary

Informations
Name	CVE-2011-2464	First vendor Publication	2011-07-08
Vendor	Cve	Last vendor Modification	2012-08-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13997

Oval ID:	oval:org.mitre.oval:def:13997
Title:	HP-UX Running BIND, Remote Denial of Service (DoS)
Description:	Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2011-2464	Version:	4
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02719 HP Release B.11.23 AND filesets tests InternetSrvcs.INETSVCS-INETD is installed AND InternetSrvcs.INETSVCS-RUN is installed AND InternetSrvcs.INETSVCS2-RUN is installed AND NOT Patch PHNE_42727 is installed OR Criteria meets HP Security Bulletin HPSBUX02719 HP Release B.11.23 AND filesets tests BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.9.0 AND BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.9.0 OR Criteria meets HP Security Bulletin HPSBUX02719 HP Release B.11.11 AND BINDv920.INETSVCS-BIND version is less than B.11.11.01.017 OR Criteria meets HP Security Bulletin HPSBUX02719 HP Release B.11.11 AND BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.9.0 OR Criteria meets HP Security Bulletin HPSBUX02719 HP-UX B.11.31 AND filesets tests NameService.BIND-AUX version is less than C.9.3.2.10.0 AND NameService.BIND-RUN version is less than C.9.3.2.10.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Isc Bind cpe:/a:isc:bind:9.8.1:b1 cpe:/a:isc:bind:9.8.0:p2 cpe:/a:isc:bind:9.8.0 cpe:/a:isc:bind:9.8.0:b1 cpe:/a:isc:bind:9.8.0:p1 cpe:/a:isc:bind:9.8.0:rc1 cpe:/a:isc:bind:9.8.0:a1 cpe:/a:isc:bind:9.7.3 cpe:/a:isc:bind:9.7.3:b1 cpe:/a:isc:bind:9.7.3:p1 cpe:/a:isc:bind:9.7.3:rc1 cpe:/a:isc:bind:9.7.2b1 cpe:/a:isc:bind:9.7.2:p1 cpe:/a:isc:bind:9.7.2:p3 cpe:/a:isc:bind:9.7.2:rc1 cpe:/a:isc:bind:9.7.2:p2 cpe:/a:isc:bind:9.7.2 cpe:/a:isc:bind:9.7.1b1 cpe:/a:isc:bind:9.7.1:p2 cpe:/a:isc:bind:9.7.1:p1 cpe:/a:isc:bind:9.7.1:rc1 cpe:/a:isc:bind:9.7.1 cpe:/a:isc:bind:9.7.0b3 cpe:/a:isc:bind:9.7.0b2 cpe:/a:isc:bind:9.7.0b1 cpe:/a:isc:bind:9.7.0a3 cpe:/a:isc:bind:9.7.0a2 cpe:/a:isc:bind:9.7.0a1 cpe:/a:isc:bind:9.7.0 cpe:/a:isc:bind:9.7.0:p1 cpe:/a:isc:bind:9.7.0:rc2 cpe:/a:isc:bind:9.7.0:rc1 cpe:/a:isc:bind:9.7.0:p2 cpe:/a:isc:bind:9.7.0:beta cpe:/a:isc:bind:9.6.3b1 cpe:/a:isc:bind:9.6.3 cpe:/a:isc:bind:9.6.3:rc1 cpe:/a:isc:bind:9.6.2b1 cpe:/a:isc:bind:9.6.2-p3 cpe:/a:isc:bind:9.6.2-p2 cpe:/a:isc:bind:9.6.2-p1 cpe:/a:isc:bind:9.6.2 cpe:/a:isc:bind:9.6.2:rc1 cpe:/a:isc:bind:9.6.1b1 cpe:/a:isc:bind:9.6.1:p1 cpe:/a:isc:bind:9.6.1:p3 cpe:/a:isc:bind:9.6.1:p2 cpe:/a:isc:bind:9.6.1 cpe:/a:isc:bind:9.6.1:rc1 cpe:/a:isc:bind:9.6.0b1 cpe:/a:isc:bind:9.6.0a1 cpe:/a:isc:bind:9.6.0:rc1 cpe:/a:isc:bind:9.6.0 cpe:/a:isc:bind:9.6.0:p1 cpe:/a:isc:bind:9.6.0:rc2 cpe:/a:isc:bind:9.6-esv-r4-p1 cpe:/a:isc:bind:9.6-esv-r4 cpe:/a:isc:bind:9.6-esv-r3 cpe:/a:isc:bind:9.6-esv-r2 cpe:/a:isc:bind:9.6-esv-r1 cpe:/a:isc:bind:9.6-esv	61

Open Source Vulnerability Database (OSVDB)

id	Description
73605	ISC BIND UPDATE Request Parsing Remote DoS

Internal Sources (Detail)

Source	Url
APPLE	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BID	http://www.securityfocus.com/bid/48566
BUGTRAQ	http://www.securityfocus.com/archive/1/archive/1/518749/100/0/threaded
CERT-VN	http://www.kb.cert.org/vuls/id/142646
CONFIRM	http://blogs.oracle.com/sunsecurity/entry/cve_2011_2464_remote_denial http://support.apple.com/kb/HT5002 http://www.isc.org/software/bind/advisories/cve-2011-2464
DEBIAN	http://www.debian.org/security/2011/dsa-2272
FEDORA	http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html
HP	http://marc.info/?l=bugtraq&m=131983337229394&w=2 http://marc.info/?l=bugtraq&m=131983337229394&w=2
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDVSA-2011:115
OSVDB	http://osvdb.org/73605
REDHAT	http://www.redhat.com/support/errata/RHSA-2011-0926.html
SECTRACK	http://www.securitytracker.com/id?1025742
SECUNIA	http://secunia.com/advisories/45082 http://secunia.com/advisories/45089 http://secunia.com/advisories/45143 http://secunia.com/advisories/45177 http://secunia.com/advisories/45185 http://secunia.com/advisories/45223 http://secunia.com/advisories/45410 http://secunia.com/advisories/45412
SLACKWARE	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&...
SUSE	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00006.html
UBUNTU	https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-July/001365.html
XF	http://xforce.iss.net/xforce/xfdb/68375

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:02:48	Multiple Updates

Type	Count
Oval ID(s)	1
CPE ID(s)	61
osvdb(s)	1

Related	Severity
GLSA-201206-01	(High)
VU#142646	(Medium)
USN-1163-1	(Medium)
RHSA-2011:0926	(Medium)
MDVSA-2011:115	(Medium)
HPSBUX02719 SSR...	(Medium)
DSA-2272	(Medium)

Same Subject	Severity
Login to view 8 more Alert(s)

CVE-2011-2464

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU