Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2002-1220

Published: 29/11/2002 Updated: 03/05/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Isc

Vulnerability Summary

BIND 8.3.x up to and including 8.3.3 allows remote malicious users to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 8.3.3

isc bind 8.3.1

isc bind 8.3.2

isc bind 8.3.0

openbsd openbsd 3.2

openbsd openbsd 3.0

openbsd openbsd 3.1

freebsd freebsd 4.4

freebsd freebsd 4.5

freebsd freebsd 4.6

freebsd freebsd 4.7

Vendor Advisories

Debian Security Advisories: DSA-196-1 bind -- several vulnerabilities
[Bind version 9, the bind9 package, is not affected by these problems] ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND) BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet DNS is a vital Int ...

Exploits

Exploit DB: ISC BIND 8.3.x - OPT Record Large UDP Denial of Service
source: wwwsecurityfocuscom/bid/6161/info ISC BIND is vulnerable to a denial of service attack When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is attached, the server may fail /* * * bind_optdosc * * OPT DoS Remote Exploit for BIND 830 - 833-REL ...

References

NVD-CWE-Otherhttp://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469http://www.isc.org/products/BIND/bind-security.htmlhttp://www.cert.org/advisories/CA-2002-31.htmlhttp://www.kb.cert.org/vuls/id/229595http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.htmlhttp://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.phphttp://www.debian.org/security/2002/dsa-196http://www.ciac.org/ciac/bulletins/n-013.shtmlhttp://online.securityfocus.com/archive/1/300019http://online.securityfocus.com/advisories/4999http://www.securityfocus.com/bid/6161http://marc.info/?l=bugtraq&m=103763574715133&w=2http://marc.info/?l=bugtraq&m=103713117612842&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A449https://exchange.xforce.ibmcloud.com/vulnerabilities/10332https://nvd.nist.govhttps://www.debian.org/security/./dsa-196https://www.exploit-db.com/exploits/22011/https://www.kb.cert.org/vuls/id/229595
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook