CVE-2007-0494

Severity

43%

Complexity

86%

Confidentiality

48%

Successful exploitation requires that the victim has enabled DNSSEC validation in named.conf by specifying trusted-keys.

ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P).

Overview

Type

ISC BIND

First reported

2007-01-25 20:28:00

Last updated

2017-10-11 01:31:00

Affected Software

ISC BIND 9.0

9.0

ISC BIND 9.0.0 Release Candidate 1

9.0.0

ISC BIND 9.0.0 Release Candidate 2

9.0.0

ISC BIND 9.0.0 Release Candidate 3

9.0.0

ISC BIND 9.0.0 Release Candidate 4

9.0.0

ISC BIND 9.0.0 Release Candidate 5

9.0.0

ISC BIND 9.0.0 Release Candidate 6

9.0.0

ISC BIND 9.0.1

9.0.1

ISC BIND 9.0.1 Release Candidate 1

9.0.1

ISC BIND 9.0.1 Release Candidate 2

9.0.1

ISC BIND 9.1

9.1

ISC BIND 9.1.0 Release Candidate 1

9.1.0

ISC BIND 9.1.1

9.1.1

ISC BIND 9.1.1 Release Candidate 1

9.1.1

ISC BIND 9.1.1 Release Candidate 2

9.1.1

ISC BIND 9.1.1 Release Candidate 3

9.1.1

ISC BIND 9.1.1 Release Candidate 4

9.1.1

ISC BIND 9.1.1 Release Candidate 5

9.1.1

ISC BIND 9.1.1 Release Candidate 6

9.1.1

ISC BIND 9.1.1 Release Candidate 7

9.1.1

ISC BIND 9.1.2

9.1.2

ISC BIND 9.1.2 Release Candidate 1

9.1.2

ISC BIND 9.1.3

9.1.3

ISC BIND 9.1.3 Release Candidate 1

9.1.3

ISC BIND 9.1.3 Release Candidate 2

9.1.3

ISC BIND 9.1.3 Release Candidate 3

9.1.3

ISC BIND 9.2

9.2

ISC BIND 9.2.0

9.2.0

ISC BIND 9.2.0 Alpha 1

9.2.0

ISC BIND 9.2.0 Alpha 2

9.2.0

ISC BIND 9.2.0 Alpha 3

9.2.0

ISC BIND 9.2.0 Beta 1

9.2.0

ISC BIND 9.2.0 Beta 2

9.2.0

ISC BIND 9.2.0 Release Candidate 1

9.2.0

ISC BIND 9.2.0 Release Candidate 10

9.2.0

ISC BIND 9.2.0 Release Candidate 2

9.2.0

ISC BIND 9.2.0 Release Candidate 3

9.2.0

ISC BIND 9.2.0 Release Candidate 4

9.2.0

ISC BIND 9.2.0 Release Candidate 5

9.2.0

ISC BIND 9.2.0 Release Candidate 6

9.2.0

ISC BIND 9.2.0 Release Candidate 7

9.2.0

ISC BIND 9.2.0 Release Candidate 8

9.2.0

ISC BIND 9.2.0 Release Candidate 9

9.2.0

ISC BIND 9.2.1

9.2.1

ISC BIND 9.2.1 Release Candidate 1

9.2.1

ISC BIND 9.2.1 Release Candidate 2

9.2.1

ISC BIND 9.2.2

9.2.2

ISC BIND 9.2.2 Patch 2

9.2.2

ISC BIND 9.2.2 P3

9.2.2

ISC BIND 9.2.2 Release Candidate 1

9.2.2

ISC BIND 9.2.3

9.2.3

ISC BIND 9.2.3 Release Candidate 1

9.2.3

ISC BIND 9.2.3 Release Candidate 2

9.2.3

ISC BIND 9.2.3 Release Candidate 3

9.2.3

ISC BIND 9.2.3 Release Candidate 4

9.2.3

ISC BIND 9.2.4

9.2.4

ISC BIND 9.2.4 Release Candidate 2

9.2.4

ISC BIND 9.2.4 Release Candidate 3

9.2.4

ISC BIND 9.2.4 Release Candidate 4

9.2.4

ISC BIND 9.2.4 Release Candidate 5

9.2.4

ISC BIND 9.2.4 Release Candidate 6

9.2.4

ISC BIND 9.2.4 Release Candidate 7

9.2.4

ISC BIND 9.2.4 Release Candidate 8

9.2.4

ISC BIND 9.2.5

9.2.5

ISC BIND 9.2.5 Beta 2

9.2.5

ISC BIND 9.2.5 Release Candidate 1

9.2.5

ISC BIND 9.2.6

9.2.6

ISC BIND 9.2.6 Release Candidate 1

9.2.6

ISC BIND 9.3

9.3

ISC BIND 9.3.0

9.3.0

ISC BIND 9.3.0 Beta 2

9.3.0

ISC BIND 9.3.0 Beta 3

9.3.0

ISC BIND 9.3.0 Beta 4

9.3.0

ISC BIND 9.3.0 Release Candidate 1

9.3.0

ISC BIND 9.3.0 Release Candidate 2

9.3.0

ISC BIND 9.3.0 Release Candidate 3

9.3.0

ISC BIND 9.3.0 Release Candidate 4

9.3.0

ISC BIND 9.3.1

9.3.1

ISC BIND 9.3.1 Beta 2

9.3.1

ISC BIND 9.3.1 Release Candidate 1

9.3.1

ISC BIND 9.3.2

9.3.2

ISC BIND 9.3.2 Release Candidate 1

9.3.2

ISC BIND 9.4.0 Alpha 1

9.4.0

ISC BIND 9.4.0 Alpha 2

9.4.0

ISC BIND 9.4.0 Alpha 3

9.4.0

ISC BIND 9.4.0 Alpha 4

9.4.0

ISC BIND 9.4.0 Alpha 5

9.4.0

ISC BIND 9.4.0 Beta 1

9.4.0

ISC BIND 9.4.0 Beta 2

9.4.0

ISC BIND 9.4.0 Beta 3

9.4.0

ISC BIND 9.4.0rc1

9.4.0

ISC BIND 9.5.0 Alpha 1

9.5.0

References

20070201-01-P

http://docs.info.apple.com/article.html?artnum=305530

FEDORA-2007-147

FEDORA-2007-164

NetBSD-SA2007-003

SSRT061273

APPLE-SA-2007-05-24

20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

SUSE-SA:2007:014

[bind-announce] 20070125 Internet Systems Consortium Security Advisory.

23904

Patch, Vendor Advisory

23924

Vendor Advisory

23943

Vendor Advisory

23944

Vendor Advisory

23972

Vendor Advisory

23974

Vendor Advisory

23977

Vendor Advisory

24014

Vendor Advisory

24048

Vendor Advisory

24054

Vendor Advisory

24083

Vendor Advisory

24129

Vendor Advisory

24203

Vendor Advisory

24284

24648

Vendor Advisory

24930

Vendor Advisory

24950

Vendor Advisory

25402

Vendor Advisory

25482

25649

25715

26909

27706

FreeBSD-SA-07:02

GLSA-200702-06

1017573

SSA:2007-026-01

102969

http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm

DSA-1254

http://www.isc.org/index.pl?/sw/bind/bind-security.php

http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8

Patch

http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4

Patch

MDKSA-2007:030

OpenPKG-SA-2007.007

RHSA-2007:0044

RHSA-2007:0057

22231

2007-0005

USN-418-1

ADV-2007-1401

ADV-2007-1939

ADV-2007-2002

ADV-2007-2163

ADV-2007-2245

ADV-2007-2315

ADV-2007-3229

IY95618

IY95619

IY96144

IY96324

bind-rrsets-dos(31838)

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

https://issues.rpath.com/browse/RPL-989

oval:org.mitre.oval:def:11523

SSRT071304
