what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

CVE-2013-2266

Status Candidate

Overview

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

Related Files

Gentoo Linux Security Advisory 201401-34
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-2266, CVE-2013-3919, CVE-2013-4854, CVE-2014-0591
MD5 | 90bdcc100240be1f5b920b30dbe5c3ef
HP Security Bulletin HPSBUX02876 SSRT101148 2
Posted Jun 21, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
MD5 | cb5a2ccaa3cda13864c28d369b1455bf
HP Security Bulletin HPSBUX02876 SSRT101148
Posted May 8, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
MD5 | 24aa34957c4a593adcbf15b08776fd5c
Mandriva Linux Security Advisory 2013-058
Posted Apr 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-058 - libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, unix, mandriva
advisories | CVE-2013-2266
MD5 | 40abf3873b26c39105e6e612b372e51c
FreeBSD Security Advisory - BIND Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

tags | advisory
systems | freebsd
advisories | CVE-2013-2266
MD5 | 42ee0db182faef9b1dc0e0ccc70fb236
Debian Security Advisory 2656-1
Posted Mar 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2656-1 - Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2013-2266
MD5 | 5ed1fd977782ea5eccd59456dc1a3466
Ubuntu Security Notice USN-1783-1
Posted Mar 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1783-1 - Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2266
MD5 | f835413ca1aa2bb19c321f078e829e68
Red Hat Security Advisory 2013-0689-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0689-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
MD5 | cf7e62f486d152619cd602cc94117fab
Red Hat Security Advisory 2013-0690-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0690-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
MD5 | fce351f8b68afdcd0216c43bbe76c25b
Slackware Security Advisory - bind Updates
Posted Mar 28, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
MD5 | 5435144bfc03fca4d6d0c9baa483cf09
BIND 9 Memory Consumption
Posted Mar 27, 2013
Authored by Matthew Horsfall | Site kb.isc.org

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.

tags | advisory
advisories | CVE-2013-2266
MD5 | b1a9786beb540cf0004195c55042aa2f
Slackware Security Advisory - dhcp Updates
Posted Mar 27, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
MD5 | 60a6a3d19246f3af5dde2ae7bc39fe17
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close