CVE-2012-5689

ISC BIND 9.8.x-9.8.4-P1 and 9.9.x-9.9.2-P1 - Denial of Service via DNS64 AAAA Query

Title source: llm
STIX 2.1

Description

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

References (4)

Core 4
Core References
Vendor Advisory x_refsource_confirm
https://kb.isc.org/article/AA-00855/
Vendor Advisory x_refsource_confirm
http://www.isc.org/software/bind/advisories/cve-2012-5689
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2693-1
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0550.html

Scores

EPSS 0.0381
EPSS Percentile 88.3%

Details

CWE
CWE-20
Status published
Products (17)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 15.04
isc/bind 9.9.0 (10 CPE variants)
isc/bind 9.9.1 (3 CPE variants)
isc/bind 9.9.2
isc/bind 9.8.0 (7 CPE variants)
isc/bind 9.8.1 (6 CPE variants)
isc/bind 9.8.2 b1 (3 CPE variants)
isc/bind 9.8.3 (3 CPE variants)
... and 7 more
Published Jan 25, 2013
Tracked Since Feb 18, 2026