5

CVE-2005-0033

Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version8.4.4
IscBind Version8.4.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.45% 0.955
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Patch
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt
http://secunia.com/advisories/14009
http://secunia.com/advisories/18291
http://securitytracker.com/id?1012996
http://www.isc.org/index.pl?/sw/bind/bind8.php
Patch
http://www.kb.cert.org/vuls/id/327633
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/12364
http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/19063