Published: 12/02/2001 Updated: 10/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

BIND 4 and BIND 8 allow remote malicious users to access sensitive information such as environment variables.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc bind 4.9.3
isc bind 8.2
isc bind 8.2.2
isc bind 4.9.5
isc bind 4.9.6
isc bind 4.9.7
isc bind 8.2.1

BIND 8 suffered from several buffer overflows It is possible to construct an inverse query that allows the stack to be read remotely exposing environment variables CERT has disclosed information about these issues A new upstream version fixes this Due to the complexity of BIND we have decided to make an exception to our rule by releasing the ne ...

NVD-CWE-Other http://www.cert.org/advisories/CA-2001-02.html http://www.nai.com/research/covert/advisories/047.asp http://www.debian.org/security/2001/dsa-026 http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2321 https://nvd.nist.gov https://www.debian.org/security/./dsa-026 https://www.kb.cert.org/vuls/id/325431

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-0012

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect