CVE-2012-5688

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-5688
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

7.8 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1549.html Third Party Advisory
http://support.apple.com/kb/HT5880 Third Party Advisory
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004 Third Party Advisory
http://www.ubuntu.com/usn/USN-1657-1 Third Party Advisory
https://kb.isc.org/article/AA-00828 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:isc:bind:9.8.0:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.2:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.3:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.3:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.3:p4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:isc:bind:9.9.0:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.1:-:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.1:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.1:p4:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
History

No history.

Information

Published : 2012-12-06 11:45

Updated : 2024-02-04 18:16

NVD link : CVE-2012-5688

Mitre link : CVE-2012-5688

CVE.ORG link : CVE-2012-5688

JSON object : View

Products Affected

isc

  • bind

canonical

  • ubuntu_linux
CWE
CWE-20

Improper Input Validation