CVE-2013-2266

Loading...

General

Score:7.8/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2012-0883, CVE-2012-2686, CVE-2012-2687, CVE-2012-3499, CVE-2012-3817, CVE-2012-4244, CVE-2012-4558, CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-0166, CVE-2013-0169, CVE-2013-1025, CVE-2013-1026, CVE-2013-1027, CVE-2013-1028, CVE-2013-1029, CVE-2013-1030, CVE-2013-1031, CVE-2013-1032, CVE-2013-1033, CVE-2013-1635, CVE-2013-1643, CVE-2013-1824, CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2013-1903, CVE-2013-2020, CVE-2013-2021, CVE-2013-2110, CVE-2013-4854, CVE-2014-0591

Published on 28/03/13 - Updated on 19/09/17

Description

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2013-2266
Amazon Linux ALAS-2013-176
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2013-AVI-210, CERTA-2013-AVI-285, CERTA-2013-AVI-529
CentOS CESA-2013:0689, CESA-2013:0690
Debian DSA-2656-1
Oracle Linux ELSA-2013-0690, ELSA-2014-0043, ELSA-2014-1244
Redhat RHSA-2013:0689, RHSA-2013:0690
Renater 2013/VULN402
SUSE SUSE-SU-2013:0696
Ubuntu USN-1783-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
iscbind

Share this vulnerability with:

Twitter Facebook LinkedIn Mail