Executive Summary

Information

Name: CVE-2013-2266
First vendor publication: 2013-03-28
Vendor: Cve
Last vendor modification: 2018-10-30

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Base Score: 7.8        Attack Range: Network
CVSS Impact Score: 6.9      Attack Complexity: Low
CVSS Exploit Score: 10      Authentication: None Required

Detail

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
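The version ranges in that description are the only thing an administrator running upstream BIND has to test against, but they are awkward to compare by hand because of the pre-release (b2) and patch-level (-P2) suffixes, which sort on opposite sides of the plain release. The Python below is an added example, not a tool from ISC or from this page: it parses a `named -v` style version string (an optional "BIND " prefix followed by major.minor.patch, an optional b/rc pre-release tag, an optional -P patch level; any trailing build tag is ignored) into a sortable key and applies the four ranges exactly as the CVE text lists them. One caveat a practitioner will want: this only means something for upstream builds. Distribution packages backport the fix without bumping the upstream version (the Oracle Linux entry further down this page records 9.7.0-17.P2.1 as fixing CVE-2013-2266, and this check would still flag 9.7.0), so on a packaged system the vendor advisory, not the version string, is the source of truth.

```python
import re

# Optional "BIND " prefix, then major.minor.patch, then an optional pre-release
# tag (b2, rc1) and an optional post-release patch level (-P2).  The end of the
# string is deliberately not anchored so vendor build tags after the version
# (as Red Hat appends) are ignored.
_VERSION_RE = re.compile(
    r"^(?:BIND\s+)?(\d+)\.(\d+)\.(\d+)"   # 9.8.4
    r"(?:(b|rc)(\d+))?"                   # b2 / rc1  (pre-release, sorts BELOW the release)
    r"(?:-P(\d+))?"                       # -P2       (patch level, sorts ABOVE the release)
)

# Rank of the pre-release tag: beta < release candidate < final release.
_PRE_RANK = {"b": 0, "rc": 1, None: 2}


def parse_bind_version(text):
    """Map a BIND version string to a tuple that sorts in release order.

    9.8.5b1 < 9.8.5b2 < 9.8.5rc1 < 9.8.5 < 9.8.5-P1 < 9.8.5-P2
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised BIND version string: {text!r}")
    major, minor, patch, pre_tag, pre_num, p_num = m.groups()
    return (int(major), int(minor), int(patch),
            _PRE_RANK[pre_tag], int(pre_num or 0), int(p_num or 0))


# Affected windows transcribed from the CVE description: (branch prefix, first fixed
# version).  The three-component prefixes must be tested before the two-component
# ones, because 9.8.5b1 sorts above 9.8.4-P2 yet is still listed as vulnerable.
_FIXED_IN = [
    ((9, 8, 5), "9.8.5b2"),
    ((9, 8),    "9.8.4-P2"),
    ((9, 9, 3), "9.9.3b2"),
    ((9, 9),    "9.9.2-P2"),
]


def is_affected(version):
    """True if an *upstream* BIND build of this version falls in a listed range."""
    v = parse_bind_version(version)
    if v[:2] == (9, 7):
        return True                     # every 9.7.x release is listed as affected
    for prefix, fixed in _FIXED_IN:
        if v[:len(prefix)] == prefix:
            return v < parse_bind_version(fixed)
    return False                        # branches the CVE does not name (e.g. 9.6.x)


if __name__ == "__main__":
    # Constructed sample strings; on a real host use the output of `named -v`.
    for s in ("BIND 9.8.4-P1", "BIND 9.8.4-P2", "9.8.5b1", "9.8.5", "9.7.6-P4", "9.9.3rc1"):
        print(f"{s:16} affected={is_affected(s)}")
```

Note what the ordering buys you: 9.9.3rc1 is correctly reported as fixed because rc sorts above b2, while 9.8.5b1 is correctly reported as affected even though it sorts above the 9.8.x cut-off 9.8.4-P2.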

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266

CWE : Common Weakness Enumeration

Weight / ID / Name
100% - CWE-119 - Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Oval ID: oval:org.mitre.oval:def:20851
Title: RHSA-2013:0690: bind97 security update (Important)
Description: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Family: unix
Class: patch
Reference(s): RHSA-2013:0690-00, CESA-2013:0690, CVE-2013-2266
Version: 4
Platform(s): Red Hat Enterprise Linux 5, CentOS Linux 5
Product(s): bind97

Oval ID: oval:org.mitre.oval:def:20435
Title: RHSA-2013:0689: bind security and bug fix update (Important)
Description: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Family: unix
Class: patch
Reference(s): RHSA-2013:0689-01, CESA-2013:0689, CVE-2013-2266
Version: 4
Platform(s): Red Hat Enterprise Linux 6, CentOS Linux 6
Product(s): bind

Oval ID: oval:org.mitre.oval:def:19579
Title: HP-UX Running BIND, Remote Denial of Service (DoS)
Description: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Family: unix
Class: vulnerability
Reference(s): CVE-2013-2266
Version: 9
Platform(s): HP-UX 11
Product(s): none listed

Oval ID: oval:org.mitre.oval:def:19159
Title: DSA-2656-1 bind9 - denial of service
Description: Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash.
Family: unix
Class: patch
Reference(s): DSA-2656-1, CVE-2013-2266
Version: 5
Platform(s): Debian GNU/Linux 6.0, Debian GNU/kFreeBSD 6.0
Product(s): bind9

Oval ID: oval:org.mitre.oval:def:18255
Title: USN-1783-1 -- bind9 vulnerability
Description: Bind could be made to consume memory or crash if it received specially crafted network traffic.
Family: unix
Class: patch
Reference(s): USN-1783-1, CVE-2013-2266
Version: 5
Platform(s): Ubuntu 12.10, Ubuntu 12.04, Ubuntu 11.10, Ubuntu 10.04
Product(s): bind9

Oval ID: oval:org.mitre.oval:def:24052
Title: ELSA-2013:0689: bind security and bug fix update (Important)
Description: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Family: unix
Class: patch
Reference(s): ELSA-2013:0689-01, CVE-2013-2266
Version: 6
Platform(s): Oracle Linux 6
Product(s): bind

Oval ID: oval:org.mitre.oval:def:23024
Title: ELSA-2013:0690: bind97 security update (Important)
Description: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
Family: unix
Class: patch
Reference(s): ELSA-2013:0690-00, CVE-2013-2266
Version: 6
Platform(s): Oracle Linux 5
Product(s): bind97

Oval ID: oval:org.mitre.oval:def:25966
Title: SUSE-SU-2013:0696-1 -- Security update for dhcp
Description: The ISC DHCP server had a denial of service issue in handling specific DDNS requests which could cause an out-of-memory situation. (CVE-2013-2266) This update also adds a dhcp6-server service template for SuSEfirewall2 (bnc#783002). Security Issues: CVE-2013-2266 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266>
Family: unix
Class: patch
Reference(s): SUSE-SU-2013:0696-1, CVE-2013-2266
Version: 3
Platform(s): SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Desktop 11
Product(s): dhcp

Oval ID: oval:org.mitre.oval:def:26970
Title: ELSA-2014-1244 -- bind97 security and bug fix update (Moderate)
Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. It contains a DNS server (named), a resolver library with routines for applications to use when interfacing with DNS, and tools for verifying that the DNS server is operating correctly. These packages contain version 9.7 of the BIND suite.
A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NSEC3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. (CVE-2014-0591)
Note: The CVE-2014-0591 issue does not directly affect the version of bind97 shipped in Red Hat Enterprise Linux 5. This issue is being addressed, however, to ensure it is not introduced in future builds of bind97 (possibly built with a different compiler or C library optimization).
This update also fixes the following bug: previously, the bind97 initscript did not check for the existence of the ROOTDIR variable when shutting down the named daemon. As a consequence, some parts of the file system that are mounted when using bind97 in a chroot environment were unmounted on daemon shutdown, even if bind97 was not running in a chroot environment. With this update, the initscript has been fixed to check for the existence of the ROOTDIR variable when unmounting some parts of the file system on named daemon shutdown. Now, when shutting down bind97 that is not running in a chroot environment, no parts of the file system are unmounted. (BZ#1059118)
All bind97 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
Family: unix
Class: patch
Reference(s): ELSA-2014-1244, CVE-2014-0591, CVE-2013-4854, CVE-2013-2266
Version: 5
Platform(s): Oracle Linux 5
Product(s): bind97

Oval ID: oval:org.mitre.oval:def:27642
Title: DEPRECATED: ELSA-2013-0689 -- bind security and bug fix update (important)
Description: [32:9.8.2-0.17.rc1.0.2.el6_4.4] - bump release and build for ULN
Family: unix
Class: patch
Reference(s): ELSA-2013-0689, CVE-2013-2266
Version: 4
Platform(s): Oracle Linux 6
Product(s): bind

Oval ID: oval:org.mitre.oval:def:27538
Title: DEPRECATED: ELSA-2013-0690 -- bind97 security update (important)
Description: [32:9.7.0-17.P2.1] - fix CVE-2013-2266
Family: unix
Class: patch
Reference(s): ELSA-2013-0690, CVE-2013-2266
Version: 4
Platform(s): Oracle Linux 5
Product(s): bind97

CPE : Common Platform Enumeration

Type / Count
Application: 68

Information Assurance Vulnerability Management (IAVM)

Date / Description
2013-09-19 IAVM : 2013-A-0179 - Apple Mac OS X Security Update 2013-004
Severity : Category I - VMSKEY : V0040373

Snort® IPS/IDS

Date / Description
2014-03-27 ISC libdns client NAPTR record regular expression handling denial of service ...
RuleID : 29935 - Revision : 2 - Type : PROTOCOL-DNS
2014-01-10 ISC libdns client NAPTR record regular expression handling denial of service ...
RuleID : 26427 - Revision : 4 - Type : PROTOCOL-DNS
2014-01-10 ISC BIND NAPTR record regular expression handling denial of service attempt
RuleID : 26324 - Revision : 6 - Type : PROTOCOL-DNS

Nessus® Vulnerability Scanner

Date / Description
2017-04-21 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2014-12-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2014-0084.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-0746.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL14386.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-296.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-297.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-302.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-303.nasl - Type : ACT_GATHER_INFO
2014-01-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-34.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_5.nasl - Type : ACT_GATHER_INFO
2013-09-13 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2013-004.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-176.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0689.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0690.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0689.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-058.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-059.nasl - Type : ACT_GATHER_INFO
2013-04-18 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_dhcp-130327.nasl - Type : ACT_GATHER_INFO
2013-04-08 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4533.nasl - Type : ACT_GATHER_INFO
2013-04-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7a282e4995b611e284330800273fe665.nasl - Type : ACT_GATHER_INFO
2013-04-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_13031d989bd111e2a7be8c705af55518.nasl - Type : ACT_GATHER_INFO
2013-04-07 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4525.nasl - Type : ACT_GATHER_INFO
2013-04-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2656.nasl - Type : ACT_GATHER_INFO
2013-04-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130328_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-04-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130328_bind_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-04-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1783-1.nasl - Type : ACT_GATHER_INFO
2013-03-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0690.nasl - Type : ACT_GATHER_INFO
2013-03-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0689.nasl - Type : ACT_GATHER_INFO
2013-03-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0690.nasl - Type : ACT_GATHER_INFO
2013-03-29 Name : The remote name server is prone to a denial of service attack.
File : bind9_992_p2.nasl - Type : ACT_GATHER_INFO
2013-03-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-086-01.nasl - Type : ACT_GATHER_INFO
2013-03-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-086-02.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source / URL
APPLE: http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
BID: http://www.securityfocus.com/bid/58736
CONFIRM: http://linux.oracle.com/errata/ELSA-2014-1244
CONFIRM: http://support.apple.com/kb/HT5880
CONFIRM: http://www.isc.org/software/bind/advisories/cve-2013-2266
CONFIRM: https://kb.isc.org/article/AA-00871/
CONFIRM: https://kb.isc.org/article/AA-00879/
DEBIAN: http://www.debian.org/security/2013/dsa-2656
FEDORA: http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101500.html
FEDORA: http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101603.html
HP: http://marc.info/?l=bugtraq&m=136804614120794&w=2
REDHAT: http://rhn.redhat.com/errata/RHSA-2013-0689.html
REDHAT: http://rhn.redhat.com/errata/RHSA-2013-0690.html
UBUNTU: http://www.ubuntu.com/usn/USN-1783-1

Alert History

Date / Information
2018-10-31 00:20:31
  • Multiple Updates
2017-09-19 09:25:57
  • Multiple Updates
2017-04-22 13:25:52
  • Multiple Updates
2017-01-07 09:25:12
  • Multiple Updates
2016-06-28 19:28:56
  • Multiple Updates
2016-04-26 23:06:23
  • Multiple Updates
2014-12-27 13:24:59
  • Multiple Updates
2014-11-08 13:30:50
  • Multiple Updates
2014-10-11 13:26:17
  • Multiple Updates
2014-06-14 13:35:27
  • Multiple Updates
2014-03-27 21:20:54
  • Multiple Updates
2014-02-17 11:19:19
  • Multiple Updates
2014-01-19 21:29:18
  • Multiple Updates
2013-12-05 17:20:04
  • Multiple Updates
2013-11-23 00:22:09
  • Multiple Updates
2013-11-19 13:31:57
  • Multiple Updates
2013-11-11 12:40:23
  • Multiple Updates
2013-09-18 13:19:52
  • Multiple Updates
2013-06-05 13:20:22
  • Multiple Updates
2013-05-10 22:30:14
  • Multiple Updates
2013-04-11 13:21:08
  • Multiple Updates
2013-04-01 21:18:43
  • Multiple Updates
2013-03-28 21:18:34
  • First insertion