2.6

CVE-2009-4022

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version9.0
IscBind Version9.0.0 Updaterc1
IscBind Version9.0.0 Updaterc2
IscBind Version9.0.0 Updaterc3
IscBind Version9.0.0 Updaterc4
IscBind Version9.0.0 Updaterc5
IscBind Version9.0.0 Updaterc6
IscBind Version9.0.1
IscBind Version9.0.1 Updaterc1
IscBind Version9.0.1 Updaterc2
IscBind Version9.1
IscBind Version9.1.0 Updaterc1
IscBind Version9.1.1
IscBind Version9.1.1 Updaterc1
IscBind Version9.1.1 Updaterc2
IscBind Version9.1.1 Updaterc3
IscBind Version9.1.1 Updaterc4
IscBind Version9.1.1 Updaterc5
IscBind Version9.1.1 Updaterc6
IscBind Version9.1.1 Updaterc7
IscBind Version9.1.2
IscBind Version9.1.2 Updaterc1
IscBind Version9.1.3
IscBind Version9.1.3 Updaterc1
IscBind Version9.1.3 Updaterc2
IscBind Version9.1.3 Updaterc3
IscBind Version9.2
IscBind Version9.2.0
IscBind Version9.2.0 Updatea1
IscBind Version9.2.0 Updatea2
IscBind Version9.2.0 Updatea3
IscBind Version9.2.0 Updateb1
IscBind Version9.2.0 Updateb2
IscBind Version9.2.0 Updaterc1
IscBind Version9.2.0 Updaterc10
IscBind Version9.2.0 Updaterc2
IscBind Version9.2.0 Updaterc3
IscBind Version9.2.0 Updaterc4
IscBind Version9.2.0 Updaterc5
IscBind Version9.2.0 Updaterc6
IscBind Version9.2.0 Updaterc7
IscBind Version9.2.0 Updaterc8
IscBind Version9.2.0 Updaterc9
IscBind Version9.2.1
IscBind Version9.2.1 Updaterc1
IscBind Version9.2.1 Updaterc2
IscBind Version9.2.2
IscBind Version9.2.2 Updatep2
IscBind Version9.2.2 Updatep3
IscBind Version9.2.2 Updaterc1
IscBind Version9.2.3
IscBind Version9.2.3 Updaterc1
IscBind Version9.2.3 Updaterc2
IscBind Version9.2.3 Updaterc3
IscBind Version9.2.3 Updaterc4
IscBind Version9.2.4
IscBind Version9.2.4 Updaterc2
IscBind Version9.2.4 Updaterc3
IscBind Version9.2.4 Updaterc4
IscBind Version9.2.4 Updaterc5
IscBind Version9.2.4 Updaterc6
IscBind Version9.2.4 Updaterc7
IscBind Version9.2.4 Updaterc8
IscBind Version9.2.5
IscBind Version9.2.5 Updateb2
IscBind Version9.2.5 Updaterc1
IscBind Version9.2.6
IscBind Version9.2.6 Updaterc1
IscBind Version9.2.7
IscBind Version9.2.7 Updaterc1
IscBind Version9.2.7 Updaterc2
IscBind Version9.2.7 Updaterc3
IscBind Version9.2.8
IscBind Version9.2.9
IscBind Version9.2.9 Updaterc1
IscBind Version9.3
IscBind Version9.3.0
IscBind Version9.3.0 Updateb2
IscBind Version9.3.0 Updateb3
IscBind Version9.3.0 Updateb4
IscBind Version9.3.0 Updaterc1
IscBind Version9.3.0 Updaterc2
IscBind Version9.3.0 Updaterc3
IscBind Version9.3.0 Updaterc4
IscBind Version9.3.1
IscBind Version9.3.1 Updateb2
IscBind Version9.3.1 Updaterc1
IscBind Version9.3.2
IscBind Version9.3.2 Updaterc1
IscBind Version9.3.3
IscBind Version9.3.3 Updaterc1
IscBind Version9.3.3 Updaterc2
IscBind Version9.3.3 Updaterc3
IscBind Version9.3.4
IscBind Version9.3.5
IscBind Version9.3.5 Updaterc1
IscBind Version9.3.5 Updaterc2
IscBind Version9.3.6
IscBind Version9.3.6 Updaterc1
IscBind Version9.4.0
IscBind Version9.4.0 Updatea1
IscBind Version9.4.0 Updatea2
IscBind Version9.4.0 Updatea3
IscBind Version9.4.0 Updatea4
IscBind Version9.4.0 Updatea5
IscBind Version9.4.0 Updatea6
IscBind Version9.4.0 Updateb1
IscBind Version9.4.0 Updateb2
IscBind Version9.4.0 Updateb3
IscBind Version9.4.0 Updateb4
IscBind Version9.4.0 Updaterc1
IscBind Version9.4.0 Updaterc2
IscBind Version9.4.1
IscBind Version9.4.2
IscBind Version9.4.2 Updaterc1
IscBind Version9.4.2 Updaterc2
IscBind Version9.4.3
IscBind Version9.4.3 Updateb1
IscBind Version9.4.3 Updateb2
IscBind Version9.4.3 Updateb3
IscBind Version9.4.3 Updatep1
IscBind Version9.4.3 Updatep2
IscBind Version9.4.3 Updatep3
IscBind Version9.4.3 Updaterc1
IscBind Version9.5.0
IscBind Version9.5.0 Updatea1
IscBind Version9.5.0 Updatea2
IscBind Version9.5.0 Updatea3
IscBind Version9.5.0 Updatea4
IscBind Version9.5.0 Updatea5
IscBind Version9.5.0 Updatea6
IscBind Version9.5.0 Updatea7
IscBind Version9.5.0 Updateb1
IscBind Version9.5.0 Updateb2
IscBind Version9.5.0 Updateb3
IscBind Version9.5.0 Updatep1
IscBind Version9.5.0 Updatep2
IscBind Version9.5.0 Updatep2_w1
IscBind Version9.5.0 Updatep2_w2
IscBind Version9.5.0 Updaterc1
IscBind Version9.5.1
IscBind Version9.5.1 Updateb1
IscBind Version9.5.1 Updateb2
IscBind Version9.5.1 Updateb3
IscBind Version9.5.1 Updaterc1
IscBind Version9.5.1 Updaterc2
IscBind Version9.5.2
IscBind Version9.5.2 Updateb1
IscBind Version9.5.2 Updaterc1
IscBind Version9.6.0
IscBind Version9.6.0 Updatea1
IscBind Version9.6.0 Updateb1
IscBind Version9.6.0 Updatep1
IscBind Version9.6.0 Updaterc1
IscBind Version9.6.0 Updaterc2
IscBind Version9.6.1
IscBind Version9.6.1 Updateb1
IscBind Version9.6.1 Updatep1
IscBind Version9.6.1 Updaterc1
IscBind Version9.7.0
IscBind Version9.7.0 Updatea1
IscBind Version9.7.0 Updatea2
IscBind Version9.7.0 Updatea3
IscBind Version9.7.0 Updateb1
IscBind Version9.7.0 Updateb2
IscBind Version9.7.0 Updateb3
IscBind Version9.7.0 Updatep1
IscBind Version9.7.0 Updaterc1
IscBind Version9.7.0 Updaterc2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.95% 0.94
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
http://www.vupen.com/english/advisories/2010/0622
Vendor Advisory
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/38794
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0528
Vendor Advisory
http://secunia.com/advisories/38834
Vendor Advisory
ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt
http://secunia.com/advisories/39334
Vendor Advisory
http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://osvdb.org/60493
http://secunia.com/advisories/37426
Vendor Advisory
http://secunia.com/advisories/37491
Vendor Advisory
http://secunia.com/advisories/38219
Vendor Advisory
http://secunia.com/advisories/38240
Vendor Advisory
http://secunia.com/advisories/40730
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
http://support.apple.com/kb/HT5002
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774
http://www.kb.cert.org/vuls/id/418861
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304
http://www.openwall.com/lists/oss-security/2009/11/24/1
http://www.openwall.com/lists/oss-security/2009/11/24/2
http://www.openwall.com/lists/oss-security/2009/11/24/8
http://www.redhat.com/support/errata/RHSA-2009-1620.html
Vendor Advisory
http://www.securityfocus.com/bid/37118
http://www.ubuntu.com/usn/USN-888-1
http://www.vupen.com/english/advisories/2009/3335
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0176
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=538744
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/54416
https://issues.rpath.com/browse/RPL-3152
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459
https://www.isc.org/advisories/CVE-2009-4022v6
Vendor Advisory
https://www.isc.org/advisories/CVE2009-4022
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html