Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2009-0696

Published

14 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009..

CVSSv2.0 Score

Severity: Medium
Base Score: 4.3/10
Exploit Score: 8.6/10
Access Vector: Network
Access Complexity: Medium
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: None
Availability Impact: Partial
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:isc:bind:9.5.0:a6::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.3:b1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.3:b2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r6_rc1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:b2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:p2_w1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a3::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6.1:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a4::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r3:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:p1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.3:p2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.1:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r6_b1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a3::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:b1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a7::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:rc2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:p1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a4::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:a5::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:p2_w2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6::::esv:::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r6:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r9_p1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r5_b1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r2:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r9:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r7_p2:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.2:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.3:b3::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6.1:b1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.2:rc1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:b4::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:b3::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r6_rc2:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r7_p1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:rc2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.3:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r5:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:p2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r4_p1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a5::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r7:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r5_p1:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:b3::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:rc1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:::::::*	Yes	-	-
cpe:2.3:a:isc:bind:9.5.0:b2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:rc1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:a1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:a6::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.0:b1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.4.2:rc2::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6:r4:::esv:::*	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:b1::::::	Yes	-	-
cpe:2.3:a:isc:bind:9.6.0:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2009-0696

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2009-0696

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References