CVE-2011-0414

EUVD-2011-0440
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
iscbind
9.7.1
iscbind
9.7.1:p1
iscbind
9.7.1:p2
iscbind
9.7.1:rc1
iscbind
9.7.2
iscbind
9.7.2:p1
iscbind
9.7.2:p2
iscbind
9.7.2:p3
iscbind
9.7.2:rc1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
bullseye
1:9.16.50-1~deb11u2
fixed
bullseye (security)
1:9.16.50-1~deb11u1
fixed
lenny
not-affected
sid
1:9.20.2-1
fixed
trixie
1:9.20.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
dapper
not-affected
hardy
not-affected
karmic
not-affected
lucid
not-affected
maverick
Fixed 1:9.7.1.dfsg.P2-2ubuntu0.2
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://secunia.com/advisories/43439
http://secunia.com/advisories/43443
http://www.debian.org/security/2011/dsa-2208
http://www.isc.org/software/bind/advisories/cve-2011-0414
http://www.kb.cert.org/vuls/id/449980
http://www.kb.cert.org/vuls/id/559980
http://www.securitytracker.com/id?1025110
http://www.ubuntu.com/usn/USN-1070-1
http://www.vupen.com/english/advisories/2011/0466
http://www.vupen.com/english/advisories/2011/0489
https://bugzilla.redhat.com/show_bug.cgi?id=679496
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://secunia.com/advisories/43439
http://secunia.com/advisories/43443
http://www.debian.org/security/2011/dsa-2208
http://www.isc.org/software/bind/advisories/cve-2011-0414
http://www.kb.cert.org/vuls/id/449980
http://www.kb.cert.org/vuls/id/559980
http://www.securitytracker.com/id?1025110
http://www.ubuntu.com/usn/USN-1070-1
http://www.vupen.com/english/advisories/2011/0466
http://www.vupen.com/english/advisories/2011/0489
https://bugzilla.redhat.com/show_bug.cgi?id=679496