fkie_nvd - fkie_cve-2012-5689

fkie_cve-2012-5689

Vulnerability from fkie_nvd

Published

2013-01-25 12:00

Modified

2024-11-21 01:45

Severity ?

Summary

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

References

URL	Tags
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2013-0550.html	Third Party Advisory
cve@mitre.org	http://www.isc.org/software/bind/advisories/cve-2012-5689	Vendor Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-2693-1	Third Party Advisory
cve@mitre.org	https://kb.isc.org/article/AA-00855/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0550.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.isc.org/software/bind/advisories/cve-2012-5689	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2693-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://kb.isc.org/article/AA-00855/	Vendor Advisory

Impacted products

Vendor	Product	Version
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.0
isc	bind	9.9.1
isc	bind	9.9.1
isc	bind	9.9.1
isc	bind	9.9.2
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_hpc_node	6.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server_aus	6.4
redhat	enterprise_linux_server_eus	6.4.z
redhat	enterprise_linux_workstation	6.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.0
isc	bind	9.8.1
isc	bind	9.8.1
isc	bind	9.8.1
isc	bind	9.8.1
isc	bind	9.8.1
isc	bind	9.8.1
isc	bind	9.8.2
isc	bind	9.8.2
isc	bind	9.8.2
isc	bind	9.8.3
isc	bind	9.8.3
isc	bind	9.8.3
isc	bind	9.8.4
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B96B87-F18C-41EF-9A37-7D0842433A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "AFA1AA14-4D4A-45D0-9573-D53C0FFFFF78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*",
              "matchCriteriaId": "F5DE1274-F7A1-4F12-A4F5-1CB1DD5B84E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*",
              "matchCriteriaId": "401A7E61-AC3D-417D-97B8-E5E736DC6FCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "C7C37F7D-DD28-4C70-A534-A3F434DF4273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*",
              "matchCriteriaId": "B2EC1F99-85C1-4081-A118-790111741246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "85D6C9B7-9D5D-4589-AC83-E6ECB535EBFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "043A5E3F-529B-4A9A-8531-184EE6D1942D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "673057D5-256C-4933-B56F-4BF8848323F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "C2CE371B-E399-4D74-B46C-3606E4BDA53A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3798A1-134C-4066-A012-10C15F103EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "9CA1AEBE-040C-483A-9850-7DA888FF8075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "B9A33F04-3240-4268-B613-C4876770A30F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4.z:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3F4527-8ADB-4A45-9E2C-C6E45D637D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*",
              "matchCriteriaId": "811D03B2-96A8-47F9-80BE-54228A4108EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*",
              "matchCriteriaId": "B3D4393C-1151-49F9-963B-B6FD88E93814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
              "matchCriteriaId": "25855A5C-302F-4A82-AEC1-8C4C9CB70362",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*",
              "matchCriteriaId": "03E68ACA-0288-4EE5-9250-54711B2E6670",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*",
              "matchCriteriaId": "8D717D3D-F4BF-470B-AC2B-D1234A7303EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "66D259B7-4F9E-43B2-BB1D-3B097D3CDB28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*",
              "matchCriteriaId": "FCC604FD-A834-4BA7-B1E2-1FCB6A583204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*",
              "matchCriteriaId": "479D3C6C-1FD7-4DBE-A841-4B58400A89F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*",
              "matchCriteriaId": "BAF29160-63C2-40D0-BE08-3C8181CD5092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "8DAA3942-0979-4D33-BD52-EF7F0403DFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "39D75F93-B6A7-4D25-8147-25F7F867E5B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*",
              "matchCriteriaId": "B046CE1D-03E1-462F-9762-9269E59BD554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "DAC9049D-6284-40F7-9E97-596FEDF9EEDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "10D06B47-911B-4095-ABD2-DDD38E6306F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "59428551-218B-4C32-982F-DCDC894E2954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "961E22DC-1467-4A0C-9450-A2E047FCFCFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "DF77CAF5-A8D6-4479-9C4D-A698D26BDC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD318FF1-320B-4311-AF7E-988C023B4938",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record."
    },
    {
      "lang": "es",
      "value": "ISC BIND v9.8.x hasta 9.8.4-P1 y v9.9.x hasta v9.9.2-P1, en ??ciertas configuraciones que implican DNS64 con una zona de pol\u00edtica de respuesta que carece de una regla de reescritura AAAA, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (aserci\u00f3n fracaso y salida llamado demonio) a trav\u00e9s de una consulta para un registro AAAA."
    }
  ],
  "id": "CVE-2012-5689",
  "lastModified": "2024-11-21T01:45:07.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-01-25T12:00:46.087",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0550.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.isc.org/software/bind/advisories/cve-2012-5689"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2693-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.isc.org/article/AA-00855/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0550.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.isc.org/software/bind/advisories/cve-2012-5689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2693-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.isc.org/article/AA-00855/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2012-5689

Vulnerability from cvelistv5

Published

2013-01-25 11:00

Modified

2024-08-06 21:14