exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2013-2266

Status Candidate

Overview

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

Related Files

Gentoo Linux Security Advisory 201401-34
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-2266, CVE-2013-3919, CVE-2013-4854, CVE-2014-0591
SHA-256 | 08788290f886b257bb5cf19d5da72a1cebe9c1902c834380c2cebb552a875e12
HP Security Bulletin HPSBUX02876 SSRT101148 2
Posted Jun 21, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
SHA-256 | 8b167f87f0c9355815506c7eeefa983f0028d1289171609aacb0fef7b45c84a6
HP Security Bulletin HPSBUX02876 SSRT101148
Posted May 8, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
SHA-256 | bae15b6a39dd3cfa802f7792f5a093f226f0845242eea38a7516384dc050d8a6
Mandriva Linux Security Advisory 2013-058
Posted Apr 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-058 - libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, unix, mandriva
advisories | CVE-2013-2266
SHA-256 | e53388a8fbae2beb233f334ba8f496d6db29a7c3a0a59bdc0e70bbfbfc78adc8
FreeBSD Security Advisory - BIND Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

tags | advisory
systems | freebsd
advisories | CVE-2013-2266
SHA-256 | 1dd487d7a38a6be933444db11b02dd1e2e265a2e5fb5dd7875698187215034f8
Debian Security Advisory 2656-1
Posted Mar 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2656-1 - Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2013-2266
SHA-256 | f2dcd89039a695f90e98b0038b67fc5cae9bfa2e5c3193cbdead19922ea0aa61
Ubuntu Security Notice USN-1783-1
Posted Mar 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1783-1 - Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2266
SHA-256 | c24a1c3ac68073c644db15400ac8f6c99c9ab1b5641d5bb91173cedfe9b52f68
Red Hat Security Advisory 2013-0689-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0689-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
SHA-256 | 49ec82c31e09a661de8b7df652d8eee53683f7471acff85a36ad89701d30651f
Red Hat Security Advisory 2013-0690-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0690-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
SHA-256 | 8e2fbfef90b9c05004aec10b390bae90ea7731c20f0d59269617c5d40e2c0b39
Slackware Security Advisory - bind Updates
Posted Mar 28, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
SHA-256 | a993d939b799c47a47bff241e1f49b6b00f251765344dc7c88ca3e0f7c959802
BIND 9 Memory Consumption
Posted Mar 27, 2013
Authored by Matthew Horsfall | Site kb.isc.org

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.

tags | advisory
advisories | CVE-2013-2266
SHA-256 | 7cda4cd2685e259b72b8a7f277f48a6fa21ea4dcfa18ce25de752b2336680f23
Slackware Security Advisory - dhcp Updates
Posted Mar 27, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
SHA-256 | 863cc58feb36ee13f39bbaf2e6dfc10aac80a162251030487d679e1f6fefcbf3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close