CVE-2013-6230

First published: Fri Nov 08 2013(Updated: )

The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
ISC BIND	=9.6
ISC BIND	=9.6-r5_p1
ISC BIND	=9.6-r6_b1
ISC BIND	=9.6-r6_rc1
ISC BIND	=9.6-r6_rc2
ISC BIND	=9.6-r7_p1
ISC BIND	=9.6-r7_p2
ISC BIND	=9.6-r9_p1
ISC BIND	=9.8.0
ISC BIND	=9.8.0-a1
ISC BIND	=9.8.0-b1
ISC BIND	=9.8.0-p1
ISC BIND	=9.8.0-p2
ISC BIND	=9.8.0-p4
ISC BIND	=9.8.0-rc1
ISC BIND	=9.8.1
ISC BIND	=9.8.1-b1
ISC BIND	=9.8.1-b2
ISC BIND	=9.8.1-b3
ISC BIND	=9.8.1-p1
ISC BIND	=9.8.1-rc1
ISC BIND	=9.8.2-b1
ISC BIND	=9.8.2-rc1
ISC BIND	=9.8.2-rc2
ISC BIND	=9.8.3
ISC BIND	=9.8.3-p1
ISC BIND	=9.8.3-p2
ISC BIND	=9.8.4
ISC BIND	=9.8.5
ISC BIND	=9.8.5-b1
ISC BIND	=9.8.5-b2
ISC BIND	=9.8.5-p1
ISC BIND	=9.8.5-p2
ISC BIND	=9.8.5-rc1
ISC BIND	=9.8.5-rc2
ISC BIND	=9.8.6-b1
ISC BIND	=9.9.0
ISC BIND	=9.9.0-a1
ISC BIND	=9.9.0-a2
ISC BIND	=9.9.0-a3
ISC BIND	=9.9.0-b1
ISC BIND	=9.9.0-b2
ISC BIND	=9.9.0-rc1
ISC BIND	=9.9.0-rc2
ISC BIND	=9.9.0-rc3
ISC BIND	=9.9.0-rc4
ISC BIND	=9.9.1
ISC BIND	=9.9.1-p1
ISC BIND	=9.9.1-p2
ISC BIND	=9.9.2
ISC BIND	=9.9.3
ISC BIND	=9.9.3-b1
ISC BIND	=9.9.3-b2
ISC BIND	=9.9.3-p1
ISC BIND	=9.9.3-p2
ISC BIND	=9.9.3-rc1
ISC BIND	=9.9.3-rc2
ISC BIND	=9.9.4-b1

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/references
agent/severity
agent/weakness
agent/author
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/isc
canonical/isc bind
version/isc bind/9.6
version/isc bind/9.6-r5_p1
version/isc bind/9.6-r6_b1
version/isc bind/9.6-r6_rc1
version/isc bind/9.6-r6_rc2
version/isc bind/9.6-r7_p1
version/isc bind/9.6-r7_p2
version/isc bind/9.6-r9_p1
version/isc bind/9.8.0
version/isc bind/9.8.0-a1
version/isc bind/9.8.0-b1
version/isc bind/9.8.0-p1
version/isc bind/9.8.0-p2
version/isc bind/9.8.0-p4
version/isc bind/9.8.0-rc1
version/isc bind/9.8.1
version/isc bind/9.8.1-b1
version/isc bind/9.8.1-b2
version/isc bind/9.8.1-b3
version/isc bind/9.8.1-p1
version/isc bind/9.8.1-rc1
version/isc bind/9.8.2-b1
version/isc bind/9.8.2-rc1
version/isc bind/9.8.2-rc2
version/isc bind/9.8.3
version/isc bind/9.8.3-p1
version/isc bind/9.8.3-p2
version/isc bind/9.8.4
version/isc bind/9.8.5
version/isc bind/9.8.5-b1
version/isc bind/9.8.5-b2
version/isc bind/9.8.5-p1
version/isc bind/9.8.5-p2
version/isc bind/9.8.5-rc1
version/isc bind/9.8.5-rc2
version/isc bind/9.8.6-b1
version/isc bind/9.9.0
version/isc bind/9.9.0-a1
version/isc bind/9.9.0-a2
version/isc bind/9.9.0-a3
version/isc bind/9.9.0-b1
version/isc bind/9.9.0-b2
version/isc bind/9.9.0-rc1
version/isc bind/9.9.0-rc2
version/isc bind/9.9.0-rc3
version/isc bind/9.9.0-rc4
version/isc bind/9.9.1
version/isc bind/9.9.1-p1
version/isc bind/9.9.1-p2
version/isc bind/9.9.2
version/isc bind/9.9.3
version/isc bind/9.9.3-b1
version/isc bind/9.9.3-b2
version/isc bind/9.9.3-p1
version/isc bind/9.9.3-p2
version/isc bind/9.9.3-rc1
version/isc bind/9.9.3-rc2
version/isc bind/9.9.4-b1

CVE-2013-6230

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact