2.6

CVE-2009-4022

EPSS 20.04%
Published 25.11.2009 16:30:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.

Affected products Warnungen 0 Metrics 2 CWE 0 References 47

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Bind Version9.0

Isc ≫ Bind Version9.0.0 Updaterc1

Isc ≫ Bind Version9.0.0 Updaterc2

Isc ≫ Bind Version9.0.0 Updaterc3

Isc ≫ Bind Version9.0.0 Updaterc4

Isc ≫ Bind Version9.0.0 Updaterc5

Isc ≫ Bind Version9.0.0 Updaterc6

Isc ≫ Bind Version9.0.1

Isc ≫ Bind Version9.0.1 Updaterc1

Isc ≫ Bind Version9.0.1 Updaterc2

Isc ≫ Bind Version9.1

Isc ≫ Bind Version9.1.0 Updaterc1

Isc ≫ Bind Version9.1.1

Isc ≫ Bind Version9.1.1 Updaterc1

Isc ≫ Bind Version9.1.1 Updaterc2

Isc ≫ Bind Version9.1.1 Updaterc3

Isc ≫ Bind Version9.1.1 Updaterc4

Isc ≫ Bind Version9.1.1 Updaterc5

Isc ≫ Bind Version9.1.1 Updaterc6

Isc ≫ Bind Version9.1.1 Updaterc7

Isc ≫ Bind Version9.1.2

Isc ≫ Bind Version9.1.2 Updaterc1

Isc ≫ Bind Version9.1.3

Isc ≫ Bind Version9.1.3 Updaterc1

Isc ≫ Bind Version9.1.3 Updaterc2

Isc ≫ Bind Version9.1.3 Updaterc3

Isc ≫ Bind Version9.2

Isc ≫ Bind Version9.2.0

Isc ≫ Bind Version9.2.0 Updatea1

Isc ≫ Bind Version9.2.0 Updatea2

Isc ≫ Bind Version9.2.0 Updatea3

Isc ≫ Bind Version9.2.0 Updateb1

Isc ≫ Bind Version9.2.0 Updateb2

Isc ≫ Bind Version9.2.0 Updaterc1

Isc ≫ Bind Version9.2.0 Updaterc10

Isc ≫ Bind Version9.2.0 Updaterc2

Isc ≫ Bind Version9.2.0 Updaterc3

Isc ≫ Bind Version9.2.0 Updaterc4

Isc ≫ Bind Version9.2.0 Updaterc5

Isc ≫ Bind Version9.2.0 Updaterc6

Isc ≫ Bind Version9.2.0 Updaterc7

Isc ≫ Bind Version9.2.0 Updaterc8

Isc ≫ Bind Version9.2.0 Updaterc9

Isc ≫ Bind Version9.2.1

Isc ≫ Bind Version9.2.1 Updaterc1

Isc ≫ Bind Version9.2.1 Updaterc2

Isc ≫ Bind Version9.2.2

Isc ≫ Bind Version9.2.2 Updatep2

Isc ≫ Bind Version9.2.2 Updatep3

Isc ≫ Bind Version9.2.2 Updaterc1

Isc ≫ Bind Version9.2.3

Isc ≫ Bind Version9.2.3 Updaterc1

Isc ≫ Bind Version9.2.3 Updaterc2

Isc ≫ Bind Version9.2.3 Updaterc3

Isc ≫ Bind Version9.2.3 Updaterc4

Isc ≫ Bind Version9.2.4

Isc ≫ Bind Version9.2.4 Updaterc2

Isc ≫ Bind Version9.2.4 Updaterc3

Isc ≫ Bind Version9.2.4 Updaterc4

Isc ≫ Bind Version9.2.4 Updaterc5

Isc ≫ Bind Version9.2.4 Updaterc6

Isc ≫ Bind Version9.2.4 Updaterc7

Isc ≫ Bind Version9.2.4 Updaterc8

Isc ≫ Bind Version9.2.5

Isc ≫ Bind Version9.2.5 Updateb2

Isc ≫ Bind Version9.2.5 Updaterc1

Isc ≫ Bind Version9.2.6

Isc ≫ Bind Version9.2.6 Updaterc1

Isc ≫ Bind Version9.2.7

Isc ≫ Bind Version9.2.7 Updaterc1

Isc ≫ Bind Version9.2.7 Updaterc2

Isc ≫ Bind Version9.2.7 Updaterc3

Isc ≫ Bind Version9.2.8

Isc ≫ Bind Version9.2.9

Isc ≫ Bind Version9.2.9 Updaterc1

Isc ≫ Bind Version9.3

Isc ≫ Bind Version9.3.0

Isc ≫ Bind Version9.3.0 Updateb2

Isc ≫ Bind Version9.3.0 Updateb3

Isc ≫ Bind Version9.3.0 Updateb4

Isc ≫ Bind Version9.3.0 Updaterc1

Isc ≫ Bind Version9.3.0 Updaterc2

Isc ≫ Bind Version9.3.0 Updaterc3

Isc ≫ Bind Version9.3.0 Updaterc4

Isc ≫ Bind Version9.3.1

Isc ≫ Bind Version9.3.1 Updateb2

Isc ≫ Bind Version9.3.1 Updaterc1

Isc ≫ Bind Version9.3.2

Isc ≫ Bind Version9.3.2 Updaterc1

Isc ≫ Bind Version9.3.3

Isc ≫ Bind Version9.3.3 Updaterc1

Isc ≫ Bind Version9.3.3 Updaterc2

Isc ≫ Bind Version9.3.3 Updaterc3

Isc ≫ Bind Version9.3.4

Isc ≫ Bind Version9.3.5

Isc ≫ Bind Version9.3.5 Updaterc1

Isc ≫ Bind Version9.3.5 Updaterc2

Isc ≫ Bind Version9.3.6

Isc ≫ Bind Version9.3.6 Updaterc1

Isc ≫ Bind Version9.4.0

Isc ≫ Bind Version9.4.0 Updatea1

Isc ≫ Bind Version9.4.0 Updatea2

Isc ≫ Bind Version9.4.0 Updatea3

Isc ≫ Bind Version9.4.0 Updatea4

Isc ≫ Bind Version9.4.0 Updatea5

Isc ≫ Bind Version9.4.0 Updatea6

Isc ≫ Bind Version9.4.0 Updateb1

Isc ≫ Bind Version9.4.0 Updateb2

Isc ≫ Bind Version9.4.0 Updateb3

Isc ≫ Bind Version9.4.0 Updateb4

Isc ≫ Bind Version9.4.0 Updaterc1

Isc ≫ Bind Version9.4.0 Updaterc2

Isc ≫ Bind Version9.4.1

Isc ≫ Bind Version9.4.2

Isc ≫ Bind Version9.4.2 Updaterc1

Isc ≫ Bind Version9.4.2 Updaterc2

Isc ≫ Bind Version9.4.3

Isc ≫ Bind Version9.4.3 Updateb1

Isc ≫ Bind Version9.4.3 Updateb2

Isc ≫ Bind Version9.4.3 Updateb3

Isc ≫ Bind Version9.4.3 Updatep1

Isc ≫ Bind Version9.4.3 Updatep2

Isc ≫ Bind Version9.4.3 Updatep3

Isc ≫ Bind Version9.4.3 Updaterc1

Isc ≫ Bind Version9.5.0

Isc ≫ Bind Version9.5.0 Updatea1

Isc ≫ Bind Version9.5.0 Updatea2

Isc ≫ Bind Version9.5.0 Updatea3

Isc ≫ Bind Version9.5.0 Updatea4

Isc ≫ Bind Version9.5.0 Updatea5

Isc ≫ Bind Version9.5.0 Updatea6

Isc ≫ Bind Version9.5.0 Updatea7

Isc ≫ Bind Version9.5.0 Updateb1

Isc ≫ Bind Version9.5.0 Updateb2

Isc ≫ Bind Version9.5.0 Updateb3

Isc ≫ Bind Version9.5.0 Updatep1

Isc ≫ Bind Version9.5.0 Updatep2

Isc ≫ Bind Version9.5.0 Updatep2_w1

Isc ≫ Bind Version9.5.0 Updatep2_w2

Isc ≫ Bind Version9.5.0 Updaterc1

Isc ≫ Bind Version9.5.1

Isc ≫ Bind Version9.5.1 Updateb1

Isc ≫ Bind Version9.5.1 Updateb2

Isc ≫ Bind Version9.5.1 Updateb3

Isc ≫ Bind Version9.5.1 Updaterc1

Isc ≫ Bind Version9.5.1 Updaterc2

Isc ≫ Bind Version9.5.2

Isc ≫ Bind Version9.5.2 Updateb1

Isc ≫ Bind Version9.5.2 Updaterc1

Isc ≫ Bind Version9.6.0

Isc ≫ Bind Version9.6.0 Updatea1

Isc ≫ Bind Version9.6.0 Updateb1

Isc ≫ Bind Version9.6.0 Updatep1

Isc ≫ Bind Version9.6.0 Updaterc1

Isc ≫ Bind Version9.6.0 Updaterc2

Isc ≫ Bind Version9.6.1

Isc ≫ Bind Version9.6.1 Updateb1

Isc ≫ Bind Version9.6.1 Updatep1

Isc ≫ Bind Version9.6.1 Updaterc1

Isc ≫ Bind Version9.7.0

Isc ≫ Bind Version9.7.0 Updatea1

Isc ≫ Bind Version9.7.0 Updatea2

Isc ≫ Bind Version9.7.0 Updatea3

Isc ≫ Bind Version9.7.0 Updateb1

Isc ≫ Bind Version9.7.0 Updateb2

Isc ≫ Bind Version9.7.0 Updateb3

Isc ≫ Bind Version9.7.0 Updatep1

Isc ≫ Bind Version9.7.0 Updaterc1

Isc ≫ Bind Version9.7.0 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	20.04%	0.95

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:N/I:P/A:N

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

http://www.vupen.com/english/advisories/2010/0622

Vendor Advisory

http://lists.vmware.com/pipermail/security-announce/2010/000082.html

http://secunia.com/advisories/38794

Vendor Advisory

http://www.vupen.com/english/advisories/2010/0528

Vendor Advisory

http://secunia.com/advisories/38834

Vendor Advisory

ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

http://secunia.com/advisories/39334

Vendor Advisory

http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://osvdb.org/60493

http://secunia.com/advisories/37426

Vendor Advisory

http://secunia.com/advisories/37491

Vendor Advisory

http://secunia.com/advisories/38219

Vendor Advisory

http://secunia.com/advisories/38240

Vendor Advisory

http://secunia.com/advisories/40730

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1

http://support.apple.com/kb/HT5002

http://www.ibm.com/support/docview.wss?uid=isg1IZ68597

http://www.ibm.com/support/docview.wss?uid=isg1IZ71667

http://www.ibm.com/support/docview.wss?uid=isg1IZ71774

http://www.kb.cert.org/vuls/id/418861

US Government Resource

http://www.mandriva.com/security/advisories?name=MDVSA-2009:304

http://www.openwall.com/lists/oss-security/2009/11/24/1

http://www.openwall.com/lists/oss-security/2009/11/24/2

http://www.openwall.com/lists/oss-security/2009/11/24/8

http://www.redhat.com/support/errata/RHSA-2009-1620.html

Vendor Advisory

http://www.securityfocus.com/bid/37118

http://www.ubuntu.com/usn/USN-888-1

http://www.vupen.com/english/advisories/2009/3335

Vendor Advisory

http://www.vupen.com/english/advisories/2010/0176

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=538744

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/54416

https://issues.rpath.com/browse/RPL-3152

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459

https://www.isc.org/advisories/CVE-2009-4022v6

Vendor Advisory

https://www.isc.org/advisories/CVE2009-4022

Vendor Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html

https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html

https://nvd.nist.gov/vuln/detail/CVE-2009-4022

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-4022

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-4022

EUVD