CVE-2011-4313

ISC BIND 9.0.x-9.6.x, 9.4-ESV-R5, 9.6-ESV-R5, 9.7.0-9.7.4, 9.8.0-9.8.1, 9.9.0a1-9.9.0b1 DoS via Recursive DNS Query

Title source: llm

Description

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.

References (39)

Core 39

Core References

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=133978480208466&w=2

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-1459.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2011:176

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14343

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=141879471518471&w=2

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/47075

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48308

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2011/dsa-2347

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-1496.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/77159

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=132310123002302&w=2

Various Sources vendor-advisory x_refsource_freebsd

http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/606539

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46943

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46829

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/47043

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00029.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46906

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46536

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html

Mailing List vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46890

Vendor Advisory x_refsource_confirm

http://support.apple.com/kb/HT5501

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=isg1IV11248

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/71332

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46887

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46984

Patch, Vendor Advisory x_refsource_confirm

http://www.isc.org/software/bind/advisories/cve-2011-4313

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-1264-1

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46905

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2011-1458.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/50690

Various Sources vendor-advisory x_refsource_aixapar

http://www-01.ibm.com/support/docview.wss?uid=isg1IV11106

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1026335

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00028.html

Various Sources x_refsource_confirm

http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of

Scores

EPSS 0.0687

EPSS Percentile 91.5%

Details

Status published

Products (12)

isc/bind 9.0

isc/bind 9.0.0 rc1 (6 CPE variants)

isc/bind 9.0.1 (3 CPE variants)

isc/bind 9.1

isc/bind 9.1.0 rc1

isc/bind 9.1.1 (8 CPE variants)

isc/bind 9.1.2 (2 CPE variants)

isc/bind 9.1.3 (4 CPE variants)

isc/bind 9.2.0 (16 CPE variants)

isc/bind 9.2.1 (3 CPE variants)

... and 2 more

Published Nov 29, 2011

Tracked Since Feb 18, 2026