Main Vulnerability Database Vulnerabilities #VU33961

#VU33961 Input validation error in ISC BIND - CVE-2011-4313

Published: November 29, 2011 / Updated: August 4, 2020

Vulnerability identifier: #VU33961

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2011-4313

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
ISC BIND

Software vendor:
ISC

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.

Remediation

Install update from vendor's website.

#VU33961 Input validation error in ISC BIND - CVE-2011-4313

Description

Remediation

External links

Please verify you're human