CVE-2007-0494
First published: Thu Jan 25 2007(Updated: )
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BIND 9 | =9.2.0-rc7 | |
| BIND 9 | =9.1.1-rc6 | |
| BIND 9 | =9.3.1-rc1 | |
| BIND 9 | =9.1.1 | |
| BIND 9 | =9.2.3-rc2 | |
| BIND 9 | =9.1.3 | |
| BIND 9 | =9.1.1-rc1 | |
| BIND 9 | =9.1.3-rc3 | |
| BIND 9 | =9.4.0-b2 | |
| BIND 9 | =9.2.0-b2 | |
| BIND 9 | =9.3.2-rc1 | |
| BIND 9 | =9.2.0-a3 | |
| BIND 9 | =9.2.3-rc4 | |
| BIND 9 | =9.2 | |
| BIND 9 | =9.3.0-rc4 | |
| BIND 9 | =9.2.4-rc8 | |
| BIND 9 | =9.2.1-rc1 | |
| BIND 9 | =9.3.0-rc2 | |
| BIND 9 | =9.0.0-rc2 | |
| BIND 9 | =9.4.0-a4 | |
| BIND 9 | =9.3 | |
| BIND 9 | =9.3.0-b2 | |
| BIND 9 | =9.1.0-rc1 | |
| BIND 9 | =9.0.0-rc1 | |
| BIND 9 | =9.2.5 | |
| BIND 9 | =9.3.2 | |
| BIND 9 | =9.1.1-rc5 | |
| BIND 9 | =9.2.3-rc3 | |
| BIND 9 | =9.2.0-rc2 | |
| BIND 9 | =9.2.5-b2 | |
| BIND 9 | =9.2.2 | |
| BIND 9 | =9.2.0-rc9 | |
| BIND 9 | =9.4.0-a3 | |
| BIND 9 | =9.5.0-a1 | |
| BIND 9 | =9.0.0-rc3 | |
| BIND 9 | =9.2.2-p2 | |
| BIND 9 | =9.2.4-rc6 | |
| BIND 9 | =9.3.0 | |
| BIND 9 | =9.3.0-b3 | |
| BIND 9 | =9.2.4-rc7 | |
| BIND 9 | =9.1.3-rc2 | |
| BIND 9 | =9.2.4 | |
| BIND 9 | =9.2.5-rc1 | |
| BIND 9 | =9.2.1 | |
| BIND 9 | =9.1.2 | |
| BIND 9 | =9.1.1-rc4 | |
| BIND 9 | =9.4.0-a2 | |
| BIND 9 | =9.3.1 | |
| BIND 9 | =9.2.0-rc4 | |
| BIND 9 | =9.1.1-rc3 | |
| BIND 9 | =9.1 | |
| BIND 9 | =9.2.1-rc2 | |
| BIND 9 | =9.4.0-b3 | |
| BIND 9 | =9.2.4-rc2 | |
| BIND 9 | =9.2.2-p3 | |
| BIND 9 | =9.1.3-rc1 | |
| BIND 9 | =9.2.2-rc1 | |
| BIND 9 | =9.2.0-rc3 | |
| BIND 9 | =9.2.0-rc8 | |
| BIND 9 | =9.0.1-rc2 | |
| BIND 9 | =9.2.4-rc3 | |
| BIND 9 | =9.0.0-rc6 | |
| BIND 9 | =9.4.0-a1 | |
| BIND 9 | =9.2.0-rc5 | |
| BIND 9 | =9.3.0-rc1 | |
| BIND 9 | =9.4.0-a5 | |
| BIND 9 | =9.3.0-b4 | |
| BIND 9 | =9.4.0-rc1 | |
| BIND 9 | =9.3.0-rc3 | |
| BIND 9 | =9.2.3 | |
| BIND 9 | =9.2.0-rc6 | |
| BIND 9 | =9.2.0-rc10 | |
| BIND 9 | =9.2.0 | |
| BIND 9 | =9.0.1 | |
| BIND 9 | =9.2.0-a2 | |
| BIND 9 | =9.1.1-rc2 | |
| BIND 9 | =9.4.0-b1 | |
| BIND 9 | =9.1.2-rc1 | |
| BIND 9 | =9.2.4-rc4 | |
| BIND 9 | =9.0.0-rc4 | |
| BIND 9 | =9.0 | |
| BIND 9 | =9.2.3-rc1 | |
| BIND 9 | =9.2.0-b1 | |
| BIND 9 | =9.2.4-rc5 | |
| BIND 9 | =9.2.0-rc1 | |
| BIND 9 | =9.0.0-rc5 | |
| BIND 9 | =9.2.6-rc1 | |
| BIND 9 | =9.0.1-rc1 | |
| BIND 9 | =9.3.1-b2 | |
| BIND 9 | =9.1.1-rc7 | |
| BIND 9 | =9.2.6 | |
| BIND 9 | =9.2.0-a1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8
- http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4
- http://secunia.com/advisories/23904
- http://www.isc.org/index.pl?/sw/bind/bind-security.php
- https://issues.rpath.com/browse/RPL-989
- http://www.debian.org/security/2007/dsa-1254
- http://fedoranews.org/cms/node/2507
- http://fedoranews.org/cms/node/2537
- http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc
- http://security.gentoo.org/glsa/glsa-200702-06.xml
- http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html
- http://www.redhat.com/support/errata/RHSA-2007-0044.html
- http://www.redhat.com/support/errata/RHSA-2007-0057.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157
- http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html
- http://www.trustix.org/errata/2007/0005
- http://www.ubuntu.com/usn/usn-418-1
- http://www.securityfocus.com/bid/22231
- http://securitytracker.com/id?1017573
- http://secunia.com/advisories/23972
- http://secunia.com/advisories/23924
- http://secunia.com/advisories/23944
- http://secunia.com/advisories/23943
- http://secunia.com/advisories/23974
- http://secunia.com/advisories/23977
- http://secunia.com/advisories/24054
- http://secunia.com/advisories/24014
- http://secunia.com/advisories/24083
- http://secunia.com/advisories/24048
- http://secunia.com/advisories/24129
- http://secunia.com/advisories/24203
- http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm
- http://secunia.com/advisories/24648
- http://secunia.com/advisories/24950
- http://secunia.com/advisories/24930
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
- http://docs.info.apple.com/article.html?artnum=305530
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324
- http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:030
- http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1
- http://secunia.com/advisories/25402
- http://secunia.com/advisories/25649
- http://secunia.com/advisories/25715
- http://secunia.com/advisories/24284
- http://secunia.com/advisories/25482
- http://secunia.com/advisories/26909
- http://secunia.com/advisories/27706
- http://www.vupen.com/english/advisories/2007/2315
- http://www.vupen.com/english/advisories/2007/2163
- http://www.vupen.com/english/advisories/2007/1939
- http://www.vupen.com/english/advisories/2007/3229
- http://www.vupen.com/english/advisories/2007/1401
- http://www.vupen.com/english/advisories/2007/2245
- https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495
- http://www.vupen.com/english/advisories/2007/2002
- http://marc.info/?l=bind-announce&m=116968519300764&w=2
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31838
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523
Frequently Asked Questions
What is the severity of CVE-2007-0494?
CVE-2007-0494 has a severity rating of medium as it can lead to a denial of service.
How do I fix CVE-2007-0494?
To fix CVE-2007-0494, you should upgrade to a patched version of ISC BIND, specifically version 9.2.8 or later.
What versions of ISC BIND are affected by CVE-2007-0494?
CVE-2007-0494 affects ISC BIND versions 9.0.x through 9.5.0a1, including various release candidates.
Can CVE-2007-0494 be exploited remotely?
Yes, CVE-2007-0494 can be exploited remotely by sending malicious ANY DNS query responses.
What impact does CVE-2007-0494 have on my system?
The impact of CVE-2007-0494 is that it can cause the BIND service to exit unexpectedly, resulting in downtime.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/isc
- canonical/bind 9
- version/bind 9/9.2.0-rc7
- version/bind 9/9.1.1-rc6
- version/bind 9/9.3.1-rc1
- version/bind 9/9.1.1
- version/bind 9/9.2.3-rc2
- version/bind 9/9.1.3
- version/bind 9/9.1.1-rc1
- version/bind 9/9.1.3-rc3
- version/bind 9/9.4.0-b2
- version/bind 9/9.2.0-b2
- version/bind 9/9.3.2-rc1
- version/bind 9/9.2.0-a3
- version/bind 9/9.2.3-rc4
- version/bind 9/9.2
- version/bind 9/9.3.0-rc4
- version/bind 9/9.2.4-rc8
- version/bind 9/9.2.1-rc1
- version/bind 9/9.3.0-rc2
- version/bind 9/9.0.0-rc2
- version/bind 9/9.4.0-a4
- version/bind 9/9.3
- version/bind 9/9.3.0-b2
- version/bind 9/9.1.0-rc1
- version/bind 9/9.0.0-rc1
- version/bind 9/9.2.5
- version/bind 9/9.3.2
- version/bind 9/9.1.1-rc5
- version/bind 9/9.2.3-rc3
- version/bind 9/9.2.0-rc2
- version/bind 9/9.2.5-b2
- version/bind 9/9.2.2
- version/bind 9/9.2.0-rc9
- version/bind 9/9.4.0-a3
- version/bind 9/9.5.0-a1
- version/bind 9/9.0.0-rc3
- version/bind 9/9.2.2-p2
- version/bind 9/9.2.4-rc6
- version/bind 9/9.3.0
- version/bind 9/9.3.0-b3
- version/bind 9/9.2.4-rc7
- version/bind 9/9.1.3-rc2
- version/bind 9/9.2.4
- version/bind 9/9.2.5-rc1
- version/bind 9/9.2.1
- version/bind 9/9.1.2
- version/bind 9/9.1.1-rc4
- version/bind 9/9.4.0-a2
- version/bind 9/9.3.1
- version/bind 9/9.2.0-rc4
- version/bind 9/9.1.1-rc3
- version/bind 9/9.1
- version/bind 9/9.2.1-rc2
- version/bind 9/9.4.0-b3
- version/bind 9/9.2.4-rc2
- version/bind 9/9.2.2-p3
- version/bind 9/9.1.3-rc1
- version/bind 9/9.2.2-rc1
- version/bind 9/9.2.0-rc3
- version/bind 9/9.2.0-rc8
- version/bind 9/9.0.1-rc2
- version/bind 9/9.2.4-rc3
- version/bind 9/9.0.0-rc6
- version/bind 9/9.4.0-a1
- version/bind 9/9.2.0-rc5
- version/bind 9/9.3.0-rc1
- version/bind 9/9.4.0-a5
- version/bind 9/9.3.0-b4
- version/bind 9/9.4.0-rc1
- version/bind 9/9.3.0-rc3
- version/bind 9/9.2.3
- version/bind 9/9.2.0-rc6
- version/bind 9/9.2.0-rc10
- version/bind 9/9.2.0
- version/bind 9/9.0.1
- version/bind 9/9.2.0-a2
- version/bind 9/9.1.1-rc2
- version/bind 9/9.4.0-b1
- version/bind 9/9.1.2-rc1
- version/bind 9/9.2.4-rc4
- version/bind 9/9.0.0-rc4
- version/bind 9/9.0
- version/bind 9/9.2.3-rc1
- version/bind 9/9.2.0-b1
- version/bind 9/9.2.4-rc5
- version/bind 9/9.2.0-rc1
- version/bind 9/9.0.0-rc5
- version/bind 9/9.2.6-rc1
- version/bind 9/9.0.1-rc1
- version/bind 9/9.3.1-b2
- version/bind 9/9.1.1-rc7
- version/bind 9/9.2.6
- version/bind 9/9.2.0-a1