Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2011-1910

Published: 31/05/2011 Updated: 09/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Bind

Vulnerability Summary

Off-by-one error in named in ISC BIND 9.x prior to 9.7.3-P1, 9.8.x prior to 9.8.0-P2, 9.4-ESV prior to 9.4-ESV-R4-P1, and 9.6-ESV prior to 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 9.8.0

isc bind 9.7.3

isc bind 9.7.1

isc bind 9.7.0

isc bind 9.6.3

isc bind 9.6.1

isc bind 9.6.0

isc bind 9.6

isc bind 9.5.2

isc bind 9.5.1

isc bind 9.5.0

isc bind 9.5

isc bind 9.4.3

isc bind 9.4.2

isc bind 9.4.0

isc bind 9.4

isc bind 9.3.6

isc bind 9.3.3

isc bind 9.3.0

isc bind 9.2.9

isc bind 9.2.6

isc bind 9.2.5

isc bind 9.2.4

isc bind 9.2.3

isc bind 9.2.2

isc bind 9.2.0

isc bind 9.2

isc bind 9.1.3

isc bind 9.1.1

isc bind 9.0.1

isc bind 9.0.0

isc bind 9.7.2

isc bind 9.3.5

isc bind 9.2.1

isc bind 9.1.0

isc bind 9.1

isc bind 9.6.2

isc bind 9.5.3

isc bind 9.3.2

isc bind 9.3.1

isc bind 9.2.8

isc bind 9.2.7

isc bind 9.1.2

isc bind 9.4.1

isc bind 9.3.4

isc bind 9.3

isc bind 9.0

Vendor Advisories

Ubuntu Security Notice: bind9 vulnerabilities
An attacker could send crafted input to Bind and cause it to crash ...
Debian Security Advisories: DSA-2244-1 bind9 -- incorrect boundary condition
It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses The resulting assertion failure causes the name server process to crash, making name resolution unavailable (CVE-2011-1910) In addition, this update fixes handling of certain signed/unsigned zone combi ...

References

CWE-189https://bugzilla.redhat.com/show_bug.cgi?id=708301https://www.isc.org/software/bind/advisories/cve-2011-1910http://www.securityfocus.com/bid/48007http://secunia.com/advisories/44719http://www.debian.org/security/2011/dsa-2244http://www.securitytracker.com/id?1025572http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.685026http://osvdb.org/72540http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.aschttp://lists.fedoraproject.org/pipermail/package-announce/2011-June/061082.htmlhttp://secunia.com/advisories/44744http://www.mandriva.com/security/advisories?name=MDVSA-2011:104http://secunia.com/advisories/44741http://www.redhat.com/support/errata/RHSA-2011-0845.htmlhttp://www.kb.cert.org/vuls/id/795694http://secunia.com/advisories/44762https://hermes.opensuse.org/messages/8699912http://secunia.com/advisories/44758http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.htmlhttp://secunia.com/advisories/44677http://secunia.com/advisories/44783http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.htmlhttp://secunia.com/advisories/44929http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlhttp://support.apple.com/kb/HT5002http://marc.info/?l=bugtraq&m=142180687100892&w=2https://usn.ubuntu.com/1139-1/https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/795694
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook