Executive Summary

Informations
NameCVE-2013-4854First vendor Publication2013-07-29
VendorCveLast vendor Modification2019-04-22

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21228
 
Oval ID: oval:org.mitre.oval:def:21228
Title: RHSA-2013:1114: bind security update (Important)
Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Family: unix Class: patch
Reference(s): RHSA-2013:1114-00
CESA-2013:1114
CVE-2013-4854
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20276
 
Oval ID: oval:org.mitre.oval:def:20276
Title: RHSA-2013:1115: bind97 security update (Important)
Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Family: unix Class: patch
Reference(s): RHSA-2013:1115-00
CESA-2013:1115
CVE-2013-4854
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): bind97
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19561
 
Oval ID: oval:org.mitre.oval:def:19561
Title: HP-UX Running BIND, Remote Denial of Service (DoS)
Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Family: unix Class: vulnerability
Reference(s): CVE-2013-4854
Version: 9
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18633
 
Oval ID: oval:org.mitre.oval:def:18633
Title: DSA-2728-1 bind9 - denial of service
Description: Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause named daemon to terminate with an assertion failure while rejecting the malformed query.
Family: unix Class: patch
Reference(s): DSA-2728-1
CVE-2013-4854
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18438
 
Oval ID: oval:org.mitre.oval:def:18438
Title: USN-1910-1 -- bind9 vulnerability
Description: Bind could be made to crash if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1910-1
CVE-2013-4854
Version: 5
Platform(s): Ubuntu 13.04
Ubuntu 12.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): bind9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23869
 
Oval ID: oval:org.mitre.oval:def:23869
Title: ELSA-2013:1114: bind security update (Important)
Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Family: unix Class: patch
Reference(s): ELSA-2013:1114-00
CVE-2013-4854
Version: 6
Platform(s): Oracle Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22902
 
Oval ID: oval:org.mitre.oval:def:22902
Title: ELSA-2013:1115: bind97 security update (Important)
Description: The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Family: unix Class: patch
Reference(s): ELSA-2013:1115-00
CVE-2013-4854
Version: 6
Platform(s): Oracle Linux 5
Product(s): bind97
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25076
 
Oval ID: oval:org.mitre.oval:def:25076
Title: SUSE-SU-2013:1310-1 -- Security update for bind
Description: A specially crafted query with malicious rdata could have caused a crash (DoS) in named. Security Issue reference: * CVE-2013-4854 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854 >
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1310-1
CVE-2013-4854
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27514
 
Oval ID: oval:org.mitre.oval:def:27514
Title: DEPRECATED: ELSA-2013-1114 -- bind security update (important)
Description: [32:9.8.2-0.17.rc1.0.2.el6_4.5] - bump release and build for ULN [32:9.8.2-0.17.rc1.5] - fix CVE-2013-4854
Family: unix Class: patch
Reference(s): ELSA-2013-1114
CVE-2013-4854
Version: 4
Platform(s): Oracle Linux 6
Product(s): bind
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27039
 
Oval ID: oval:org.mitre.oval:def:27039
Title: DEPRECATED: ELSA-2013-1115 -- bind97 security update (important)
Description: [32:9.7.0-17.P2.2] - fix for CVE-2013-4854
Family: unix Class: patch
Reference(s): ELSA-2013-1115
CVE-2013-4854
Version: 4
Platform(s): Oracle Linux 5
Product(s): bind97
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application78
Application2
Application2
Os2
Os12
Os1
Os1
Os1
Os2
Os1
Os2
Os5

Information Assurance Vulnerability Management (IAVM)

DateDescription
2013-08-01IAVM : 2013-A-0151 - ISC BIND 9 Remote Denial of Service Vulnerability
Severity : Category I - VMSKEY : V0039823

Snort® IPS/IDS

DateDescription
2017-12-19ISC BIND 9 DNS rdata length handling remote denial of service attempt
RuleID : 44879 - Revision : 1 - Type : SERVER-OTHER
2014-01-10ISC BIND 9 DNS rdata length handling remote denial of service attempt
RuleID : 27666 - Revision : 3 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

DateDescription
2017-04-21Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2014-12-26Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2014-0084.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1181.nasl - Type : ACT_GATHER_INFO
2014-10-21Name : The remote host is missing a security update for OS X Server.
File : macosx_server_4_0.nasl - Type : ACT_GATHER_INFO
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL14613.nasl - Type : ACT_GATHER_INFO
2014-06-18Name : The remote host is affected by a denial of service vulnerability.
File : mcafee_firewall_enterprise_SB10052.nasl - Type : ACT_GATHER_INFO
2014-06-18Name : The remote host is affected by a denial of service vulnerability.
File : mcafee_web_gateway_SB10052.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-654.nasl - Type : ACT_GATHER_INFO
2014-01-30Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-34.nasl - Type : ACT_GATHER_INFO
2013-10-01Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-214.nasl - Type : ACT_GATHER_INFO
2013-08-08Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_bind-130805.nasl - Type : ACT_GATHER_INFO
2013-08-07Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-218-01.nasl - Type : ACT_GATHER_INFO
2013-08-05Name : The remote Fedora host is missing a security update.
File : fedora_2013-13831.nasl - Type : ACT_GATHER_INFO
2013-08-05Name : The remote Fedora host is missing a security update.
File : fedora_2013-13863.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1114.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1115.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130730_bind97_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130730_bind_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1114.nasl - Type : ACT_GATHER_INFO
2013-07-31Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1115.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1114.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1115.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1910-1.nasl - Type : ACT_GATHER_INFO
2013-07-29Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-202.nasl - Type : ACT_GATHER_INFO
2013-07-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2728.nasl - Type : ACT_GATHER_INFO
2013-07-29Name : The remote name server is prone to a denial of service attack.
File : bind9_993_p2.nasl - Type : ACT_GATHER_INFO
2013-07-28Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7943e521f64811e286073c970e169bc2.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
APPLE http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
BID http://www.securityfocus.com/bid/61479
BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html
CONFIRM http://linux.oracle.com/errata/ELSA-2014-1244
https://kb.isc.org/article/AA-01015
https://kb.isc.org/article/AA-01016
https://support.apple.com/kb/HT6536
DEBIAN http://www.debian.org/security/2013/dsa-2728
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108....
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251....
FREEBSD http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc
HP https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na...
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2013:202
MISC http://www.zerodayinitiative.com/advisories/ZDI-13-210/
https://kc.mcafee.com/corporate/index?page=content&id=SB10052
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1114.html
http://rhn.redhat.com/errata/RHSA-2013-1115.html
SECTRACK http://www.securitytracker.com/id/1028838
SUSE http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html
UBUNTU http://www.ubuntu.com/usn/USN-1910-1
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/86004

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
DateInformations
2019-04-22 21:19:09
  • Multiple Updates
2019-03-19 12:05:53
  • Multiple Updates
2019-03-18 17:19:24
  • Multiple Updates
2018-10-31 00:20:33
  • Multiple Updates
2018-01-26 12:05:01
  • Multiple Updates
2017-11-29 09:21:46
  • Multiple Updates
2017-09-19 09:26:14
  • Multiple Updates
2017-08-29 09:24:19
  • Multiple Updates
2017-04-22 13:25:52
  • Multiple Updates
2017-01-07 09:25:13
  • Multiple Updates
2016-06-28 19:41:27
  • Multiple Updates
2016-04-26 23:36:32
  • Multiple Updates
2015-01-17 05:27:26
  • Multiple Updates
2015-01-14 21:24:01
  • Multiple Updates
2014-12-27 13:25:00
  • Multiple Updates
2014-11-08 13:31:10
  • Multiple Updates
2014-10-24 13:26:04
  • Multiple Updates
2014-10-22 13:25:38
  • Multiple Updates
2014-10-11 13:26:18
  • Multiple Updates
2014-06-19 13:22:56
  • Multiple Updates
2014-06-14 13:36:13
  • Multiple Updates
2014-02-17 11:22:37
  • Multiple Updates
2014-01-19 21:29:36
  • Multiple Updates
2014-01-17 13:19:47
  • Multiple Updates
2013-12-05 17:20:50
  • Multiple Updates
2013-11-11 12:40:45
  • Multiple Updates
2013-10-10 13:20:38
  • Multiple Updates
2013-10-08 21:21:57
  • Multiple Updates
2013-10-08 17:20:08
  • Multiple Updates
2013-10-04 21:23:33
  • Multiple Updates
2013-10-04 00:21:29
  • Multiple Updates
2013-09-18 13:20:32
  • Multiple Updates
2013-08-30 17:22:47
  • Multiple Updates
2013-08-22 17:21:01
  • Multiple Updates
2013-08-07 21:20:23
  • Multiple Updates
2013-07-30 13:22:17
  • Multiple Updates
2013-07-29 21:21:44
  • Multiple Updates
2013-07-29 17:23:06
  • First insertion