CVE-2001-0010

BIND 8 - Buffer Overflow in TSIG Handling

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2001-0010. PoCs published by Multiple, LSD-PLaNET, Gneisenau.

AI-analyzed exploit summary This exploit targets a vulnerability in BIND 8.2.x (CVE-2001-0010) by leveraging an information leak and TSIG bug to execute arbitrary shellcode. The shellcode creates a bind shell on port 36864, providing remote command execution.

Description

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Multiple · cremotelinux
https://www.exploit-db.com/exploits/282

This exploit targets a vulnerability in BIND 8.2.x (CVE-2001-0010) by leveraging an information leak and TSIG bug to execute arbitrary shellcode. The shellcode creates a bind shell on port 36864, providing remote command execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: BIND 8.2.x
No auth needed
Prerequisites: Vulnerable BIND 8.2.x installation · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by LSD-PLaNET · cremotesolaris
https://www.exploit-db.com/exploits/280

This exploit targets a vulnerability in BIND 8.2.x on Solaris 2.7 x86. It uses the 'infoleek' bug to leak stack information and then constructs a malicious DNS packet to execute arbitrary shellcode, spawning a shell on a pre-established TCP connection.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: BIND 8.2, 8.2.1, 8.2.2, 8.2.2-PX
No auth needed
Prerequisites: Network access to port 53 (TCP/UDP) · Vulnerable BIND version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by LSD-PLaNET · cremotelinux
https://www.exploit-db.com/exploits/279

This exploit targets a vulnerability in BIND 8.2.x (CVE-2001-0010) by leveraging an information leak via UDP to obtain stack pointer values, then crafting a malicious DNS TSIG packet to execute shellcode. The shellcode duplicates a socket descriptor and spawns a shell, bypassing firewall restrictions by reusing the established TCP connection on port 53.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: BIND 8.2, 8.2.1, 8.2.2, 8.2.2-PX
No auth needed
Prerequisites: Network access to target's DNS port (53/TCP and 53/UDP) · Vulnerable BIND version running on Linux (Slackware 4.0/RedHat 6.2)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Gneisenau · cremotelinux
https://www.exploit-db.com/exploits/277

This exploit targets a buffer overflow vulnerability in BIND DNS server (CVE-2001-0010) by crafting a malicious DNS query with embedded shellcode. It leverages a stack-based overflow in the TSIG handling code to execute arbitrary commands, specifically spawning a reverse shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: ISC BIND (versions prior to 8.2.3)
No auth needed
Prerequisites: Network access to vulnerable BIND server · DNS port (53/UDP) reachable
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/2302
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-007.html
Various Sources vendor-advisory x_refsource_nai
http://www.nai.com/research/covert/advisories/047.asp
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2001/dsa-026
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2001-02.html

Scores

EPSS 0.3162
EPSS Percentile 98.1%

Details

Status published
Products (3)
isc/bind 8.2
isc/bind 8.2.1
isc/bind 8.2.2 (8 CPE variants)
Published Feb 12, 2001
Tracked Since Feb 18, 2026