The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV prior to 9.6-ESV-R10-P1, 9.8 prior to 9.8.6-P1, 9.9 prior to 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote malicious users to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isc bind 9.9.3 |
||
isc bind 9.9.0 |
||
isc bind 9.9.1 |
||
isc bind 9.8.0 |
||
isc bind 9.8.1 |
||
isc bind 9.8.2 |
||
isc bind 9.8.3 |
||
isc bind 9.8.5 |
||
isc bind 9.6 |
||
isc bind 9.9.2 |
||
isc bind 9.9.4 |
||
isc bind 9.8.4 |
||
isc bind 9.8.6 |