4.3

CVE-2012-3868

Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version9.9.0
IscBind Version9.9.0 Updatea1
IscBind Version9.9.0 Updatea2
IscBind Version9.9.0 Updatea3
IscBind Version9.9.0 Updateb1
IscBind Version9.9.0 Updateb2
IscBind Version9.9.0 Updaterc1
IscBind Version9.9.0 Updaterc2
IscBind Version9.9.0 Updaterc3
IscBind Version9.9.0 Updaterc4
IscBind Version9.9.1
IscBind Version9.9.1 Updatep1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.18% 0.828
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.