CVE-2009-0696

First published: Wed Jul 29 2009(Updated: )

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
ISC BIND	=9.5.0-a6
ISC BIND	=9.4.3-b1
ISC BIND	=9.4.3-b2
ISC BIND	=9.6-r6_rc1
ISC BIND	=9.4.0-b2
ISC BIND	=9.5.0-p2_w1
ISC BIND	=9.5.0-a3
ISC BIND	=9.5
ISC BIND	=9.6.1
ISC BIND	=9.4.0-a4
ISC BIND	=9.6-r3
ISC BIND	=9.5.0-p1
ISC BIND	=9.4.3-p2
ISC BIND	=9.4.1
ISC BIND	=9.6-r6_b1
ISC BIND	=9.4.0-a3
ISC BIND	=9.5.0-a1
ISC BIND	=9.5.0-b1
ISC BIND	=9.5.0-a7
ISC BIND	=9.4.0-rc2
ISC BIND	=9.5.0-a2
ISC BIND	=9.6.0-p1
ISC BIND	=9.5.0-a4
ISC BIND	=9.5.0-a5
ISC BIND	=9.5.0-p2_w2
ISC BIND	=9.6
ISC BIND	=9.6-r6
ISC BIND	=9.4
ISC BIND	=9.6-r9_p1
ISC BIND	=9.6-r5_b1
ISC BIND	=9.6-r2
ISC BIND	=9.5.0
ISC BIND	=9.6-r9
ISC BIND	=9.6-r1
ISC BIND	=9.6-r7_p2
ISC BIND	=9.4.2
ISC BIND	=9.4.0-a2
ISC BIND	=9.4.3-b3
ISC BIND	=9.6.1-b1
ISC BIND	=9.4.2-rc1
ISC BIND	=9.4.0-b4
ISC BIND	=9.4.0-b3
ISC BIND	=9.6-r6_rc2
ISC BIND	=9.6-r7_p1
ISC BIND	=9.6.0-rc2
ISC BIND	=9.4.3
ISC BIND	=9.6-r5
ISC BIND	=9.5.0-p2
ISC BIND	=9.4.0-a1
ISC BIND	=9.6-r4_p1
ISC BIND	=9.4.0-a5
ISC BIND	=9.6-r7
ISC BIND	=9.6-r5_p1
ISC BIND	=9.5.0-b3
ISC BIND	=9.4.0-rc1
ISC BIND	=9.4.0
ISC BIND	=9.5.0-b2
ISC BIND	=9.6.0-rc1
ISC BIND	=9.6.0-a1
ISC BIND	=9.4.0-a6
ISC BIND	=9.4.0-b1
ISC BIND	=9.4.2-rc2
ISC BIND	=9.6-r4
ISC BIND	=9.6.0-b1
ISC BIND	=9.6.0

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
vendor/isc
canonical/isc bind
version/isc bind/9.5.0-a6
version/isc bind/9.4.3-b1
version/isc bind/9.4.3-b2
version/isc bind/9.6-r6_rc1
version/isc bind/9.4.0-b2
version/isc bind/9.5.0-p2_w1
version/isc bind/9.5.0-a3
version/isc bind/9.5
version/isc bind/9.6.1
version/isc bind/9.4.0-a4
version/isc bind/9.6-r3
version/isc bind/9.5.0-p1
version/isc bind/9.4.3-p2
version/isc bind/9.4.1
version/isc bind/9.6-r6_b1
version/isc bind/9.4.0-a3
version/isc bind/9.5.0-a1
version/isc bind/9.5.0-b1
version/isc bind/9.5.0-a7
version/isc bind/9.4.0-rc2
version/isc bind/9.5.0-a2
version/isc bind/9.6.0-p1
version/isc bind/9.5.0-a4
version/isc bind/9.5.0-a5
version/isc bind/9.5.0-p2_w2
version/isc bind/9.6
version/isc bind/9.6-r6
version/isc bind/9.4
version/isc bind/9.6-r9_p1
version/isc bind/9.6-r5_b1
version/isc bind/9.6-r2
version/isc bind/9.5.0
version/isc bind/9.6-r9
version/isc bind/9.6-r1
version/isc bind/9.6-r7_p2
version/isc bind/9.4.2
version/isc bind/9.4.0-a2
version/isc bind/9.4.3-b3
version/isc bind/9.6.1-b1
version/isc bind/9.4.2-rc1
version/isc bind/9.4.0-b4
version/isc bind/9.4.0-b3
version/isc bind/9.6-r6_rc2
version/isc bind/9.6-r7_p1
version/isc bind/9.6.0-rc2
version/isc bind/9.4.3
version/isc bind/9.6-r5
version/isc bind/9.5.0-p2
version/isc bind/9.4.0-a1
version/isc bind/9.6-r4_p1
version/isc bind/9.4.0-a5
version/isc bind/9.6-r7
version/isc bind/9.6-r5_p1
version/isc bind/9.5.0-b3
version/isc bind/9.4.0-rc1
version/isc bind/9.4.0
version/isc bind/9.5.0-b2
version/isc bind/9.6.0-rc1
version/isc bind/9.6.0-a1
version/isc bind/9.4.0-a6
version/isc bind/9.4.0-b1
version/isc bind/9.4.2-rc2
version/isc bind/9.6-r4
version/isc bind/9.6.0-b1
version/isc bind/9.6.0

CVE-2009-0696

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact