4.3

CVE-2007-0494

EPSS 45.6%
Published 25.01.2007 20:28:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.

Affected products Warnungen 0 Metrics 2 CWE 0 References 69

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Bind Version9.0

Isc ≫ Bind Version9.0.0 Updaterc1

Isc ≫ Bind Version9.0.0 Updaterc2

Isc ≫ Bind Version9.0.0 Updaterc3

Isc ≫ Bind Version9.0.0 Updaterc4

Isc ≫ Bind Version9.0.0 Updaterc5

Isc ≫ Bind Version9.0.0 Updaterc6

Isc ≫ Bind Version9.0.1

Isc ≫ Bind Version9.0.1 Updaterc1

Isc ≫ Bind Version9.0.1 Updaterc2

Isc ≫ Bind Version9.1

Isc ≫ Bind Version9.1.0 Updaterc1

Isc ≫ Bind Version9.1.1

Isc ≫ Bind Version9.1.1 Updaterc1

Isc ≫ Bind Version9.1.1 Updaterc2

Isc ≫ Bind Version9.1.1 Updaterc3

Isc ≫ Bind Version9.1.1 Updaterc4

Isc ≫ Bind Version9.1.1 Updaterc5

Isc ≫ Bind Version9.1.1 Updaterc6

Isc ≫ Bind Version9.1.1 Updaterc7

Isc ≫ Bind Version9.1.2

Isc ≫ Bind Version9.1.2 Updaterc1

Isc ≫ Bind Version9.1.3

Isc ≫ Bind Version9.1.3 Updaterc1

Isc ≫ Bind Version9.1.3 Updaterc2

Isc ≫ Bind Version9.1.3 Updaterc3

Isc ≫ Bind Version9.2

Isc ≫ Bind Version9.2.0

Isc ≫ Bind Version9.2.0 Updatea1

Isc ≫ Bind Version9.2.0 Updatea2

Isc ≫ Bind Version9.2.0 Updatea3

Isc ≫ Bind Version9.2.0 Updateb1

Isc ≫ Bind Version9.2.0 Updateb2

Isc ≫ Bind Version9.2.0 Updaterc1

Isc ≫ Bind Version9.2.0 Updaterc10

Isc ≫ Bind Version9.2.0 Updaterc2

Isc ≫ Bind Version9.2.0 Updaterc3

Isc ≫ Bind Version9.2.0 Updaterc4

Isc ≫ Bind Version9.2.0 Updaterc5

Isc ≫ Bind Version9.2.0 Updaterc6

Isc ≫ Bind Version9.2.0 Updaterc7

Isc ≫ Bind Version9.2.0 Updaterc8

Isc ≫ Bind Version9.2.0 Updaterc9

Isc ≫ Bind Version9.2.1

Isc ≫ Bind Version9.2.1 Updaterc1

Isc ≫ Bind Version9.2.1 Updaterc2

Isc ≫ Bind Version9.2.2

Isc ≫ Bind Version9.2.2 Updatep2

Isc ≫ Bind Version9.2.2 Updatep3

Isc ≫ Bind Version9.2.2 Updaterc1

Isc ≫ Bind Version9.2.3

Isc ≫ Bind Version9.2.3 Updaterc1

Isc ≫ Bind Version9.2.3 Updaterc2

Isc ≫ Bind Version9.2.3 Updaterc3

Isc ≫ Bind Version9.2.3 Updaterc4

Isc ≫ Bind Version9.2.4

Isc ≫ Bind Version9.2.4 Updaterc2

Isc ≫ Bind Version9.2.4 Updaterc3

Isc ≫ Bind Version9.2.4 Updaterc4

Isc ≫ Bind Version9.2.4 Updaterc5

Isc ≫ Bind Version9.2.4 Updaterc6

Isc ≫ Bind Version9.2.4 Updaterc7

Isc ≫ Bind Version9.2.4 Updaterc8

Isc ≫ Bind Version9.2.5

Isc ≫ Bind Version9.2.5 Updateb2

Isc ≫ Bind Version9.2.5 Updaterc1

Isc ≫ Bind Version9.2.6

Isc ≫ Bind Version9.2.6 Updaterc1

Isc ≫ Bind Version9.3

Isc ≫ Bind Version9.3.0

Isc ≫ Bind Version9.3.0 Updateb2

Isc ≫ Bind Version9.3.0 Updateb3

Isc ≫ Bind Version9.3.0 Updateb4

Isc ≫ Bind Version9.3.0 Updaterc1

Isc ≫ Bind Version9.3.0 Updaterc2

Isc ≫ Bind Version9.3.0 Updaterc3

Isc ≫ Bind Version9.3.0 Updaterc4

Isc ≫ Bind Version9.3.1

Isc ≫ Bind Version9.3.1 Updateb2

Isc ≫ Bind Version9.3.1 Updaterc1

Isc ≫ Bind Version9.3.2

Isc ≫ Bind Version9.3.2 Updaterc1

Isc ≫ Bind Version9.4.0 Updatea1

Isc ≫ Bind Version9.4.0 Updatea2

Isc ≫ Bind Version9.4.0 Updatea3

Isc ≫ Bind Version9.4.0 Updatea4

Isc ≫ Bind Version9.4.0 Updatea5

Isc ≫ Bind Version9.4.0 Updateb1

Isc ≫ Bind Version9.4.0 Updateb2

Isc ≫ Bind Version9.4.0 Updateb3

Isc ≫ Bind Version9.4.0 Updaterc1

Isc ≫ Bind Version9.5.0 Updatea1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	45.6%	0.975

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

http://www.isc.org/index.pl?/sw/bind/bind-security.php

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html

http://secunia.com/advisories/26909

http://secunia.com/advisories/27706

http://www.vupen.com/english/advisories/2007/3229

http://docs.info.apple.com/article.html?artnum=305530

http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

http://secunia.com/advisories/25402

Vendor Advisory

http://www.vupen.com/english/advisories/2007/1939

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

http://secunia.com/advisories/24284

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495

http://secunia.com/advisories/24930

Vendor Advisory

http://secunia.com/advisories/24950

Vendor Advisory

http://secunia.com/advisories/25649

http://www.vupen.com/english/advisories/2007/1401

http://www.vupen.com/english/advisories/2007/2163

http://www.vupen.com/english/advisories/2007/2315

https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144

http://secunia.com/advisories/24054

Vendor Advisory

http://www.trustix.org/errata/2007/0005

http://fedoranews.org/cms/node/2507

http://fedoranews.org/cms/node/2537

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc

http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html

http://secunia.com/advisories/23904

Patch

Vendor Advisory

http://secunia.com/advisories/23924

Vendor Advisory

http://secunia.com/advisories/23943

Vendor Advisory

http://secunia.com/advisories/23972

Vendor Advisory

http://secunia.com/advisories/23974

Vendor Advisory

http://secunia.com/advisories/23977

Vendor Advisory

http://secunia.com/advisories/24014

Vendor Advisory

http://secunia.com/advisories/24048

Vendor Advisory

http://secunia.com/advisories/24129

Vendor Advisory

http://secunia.com/advisories/24203

Vendor Advisory

http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc

http://security.gentoo.org/glsa/glsa-200702-06.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157

http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8

Patch

http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4

Patch

http://www.mandriva.com/security/advisories?name=MDKSA-2007:030

http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html

http://www.redhat.com/support/errata/RHSA-2007-0057.html

http://www.ubuntu.com/usn/usn-418-1

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

https://issues.rpath.com/browse/RPL-989

http://marc.info/?l=bind-announce&m=116968519300764&w=2

http://secunia.com/advisories/23944

Vendor Advisory

http://secunia.com/advisories/24083

Vendor Advisory

http://secunia.com/advisories/24648

Vendor Advisory

http://secunia.com/advisories/25482

http://secunia.com/advisories/25715

http://securitytracker.com/id?1017573

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1

http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm

http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618

http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619

http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144

http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324

http://www.debian.org/security/2007/dsa-1254

http://www.redhat.com/support/errata/RHSA-2007-0044.html

http://www.securityfocus.com/bid/22231

http://www.vupen.com/english/advisories/2007/2002

http://www.vupen.com/english/advisories/2007/2245

https://exchange.xforce.ibmcloud.com/vulnerabilities/31838

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523

https://nvd.nist.gov/vuln/detail/CVE-2007-0494

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0494

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0494

EUVD