CVE-2009-4022

Severity

26%

Complexity

49%

Confidentiality

48%

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:N).

Overview

Type

ISC BIND

First reported 15 years ago

2009-11-25 16:30:00

Last updated 7 years ago

2017-09-19 01:29:00

Affected Software

ISC BIND 9.0

9.0

ISC BIND 9.0.0 Release Candidate 1

9.0.0

ISC BIND 9.0.0 Release Candidate 2

9.0.0

ISC BIND 9.0.0 Release Candidate 3

9.0.0

ISC BIND 9.0.0 Release Candidate 4

9.0.0

ISC BIND 9.0.0 Release Candidate 5

9.0.0

ISC BIND 9.0.0 Release Candidate 6

9.0.0

ISC BIND 9.0.1

9.0.1

ISC BIND 9.0.1 Release Candidate 1

9.0.1

ISC BIND 9.0.1 Release Candidate 2

9.0.1

ISC BIND 9.1

9.1

ISC BIND 9.1.0 Release Candidate 1

9.1.0

ISC BIND 9.1.1

9.1.1

ISC BIND 9.1.1 Release Candidate 1

9.1.1

ISC BIND 9.1.1 Release Candidate 2

9.1.1

ISC BIND 9.1.1 Release Candidate 3

9.1.1

ISC BIND 9.1.1 Release Candidate 4

9.1.1

ISC BIND 9.1.1 Release Candidate 5

9.1.1

ISC BIND 9.1.1 Release Candidate 6

9.1.1

ISC BIND 9.1.1 Release Candidate 7

9.1.1

ISC BIND 9.1.2

9.1.2

ISC BIND 9.1.2 Release Candidate 1

9.1.2

ISC BIND 9.1.3

9.1.3

ISC BIND 9.1.3 Release Candidate 1

9.1.3

ISC BIND 9.1.3 Release Candidate 2

9.1.3

ISC BIND 9.1.3 Release Candidate 3

9.1.3

ISC BIND 9.2

9.2

ISC BIND 9.2.0

9.2.0

ISC BIND 9.2.0 Alpha 1

9.2.0

ISC BIND 9.2.0 Alpha 2

9.2.0

ISC BIND 9.2.0 Alpha 3

9.2.0

ISC BIND 9.2.0 Beta 1

9.2.0

ISC BIND 9.2.0 Beta 2

9.2.0

ISC BIND 9.2.0 Release Candidate 1

9.2.0

ISC BIND 9.2.0 Release Candidate 10

9.2.0

ISC BIND 9.2.0 Release Candidate 2

9.2.0

ISC BIND 9.2.0 Release Candidate 3

9.2.0

ISC BIND 9.2.0 Release Candidate 4

9.2.0

ISC BIND 9.2.0 Release Candidate 5

9.2.0

ISC BIND 9.2.0 Release Candidate 6

9.2.0

ISC BIND 9.2.0 Release Candidate 7

9.2.0

ISC BIND 9.2.0 Release Candidate 8

9.2.0

ISC BIND 9.2.0 Release Candidate 9

9.2.0

ISC BIND 9.2.1

9.2.1

ISC BIND 9.2.1 Release Candidate 1

9.2.1

ISC BIND 9.2.1 Release Candidate 2

9.2.1

ISC BIND 9.2.2

9.2.2

ISC BIND 9.2.2 Patch 2

9.2.2

ISC BIND 9.2.2 P3

9.2.2

ISC BIND 9.2.2 Release Candidate 1

9.2.2

ISC BIND 9.2.3

9.2.3

ISC BIND 9.2.3 Release Candidate 1

9.2.3

ISC BIND 9.2.3 Release Candidate 2

9.2.3

ISC BIND 9.2.3 Release Candidate 3

9.2.3

ISC BIND 9.2.3 Release Candidate 4

9.2.3

ISC BIND 9.2.4

9.2.4

ISC BIND 9.2.4 Release Candidate 2

9.2.4

ISC BIND 9.2.4 Release Candidate 3

9.2.4

ISC BIND 9.2.4 Release Candidate 4

9.2.4

ISC BIND 9.2.4 Release Candidate 5

9.2.4

ISC BIND 9.2.4 Release Candidate 6

9.2.4

ISC BIND 9.2.4 Release Candidate 7

9.2.4

ISC BIND 9.2.4 Release Candidate 8

9.2.4

ISC BIND 9.2.5

9.2.5

ISC BIND 9.2.5 Beta 2

9.2.5

ISC BIND 9.2.5 Release Candidate 1

9.2.5

ISC BIND 9.2.6

9.2.6

ISC BIND 9.2.6 Release Candidate 1

9.2.6

ISC BIND 9.2.7

9.2.7

ISC BIND 9.2.7 Release Candidate 1

9.2.7

ISC BIND 9.2.7 Release Candidate 2

9.2.7

ISC BIND 9.2.7 Release Candidate 3

9.2.7

ISC BIND 9.2.8

9.2.8

ISC BIND 9.2.9

9.2.9

ISC BIND 9.2.9 Release Candidate 1

9.2.9

ISC BIND 9.3

9.3

ISC BIND 9.3.0

9.3.0

ISC BIND 9.3.0 Beta 2

9.3.0

ISC BIND 9.3.0 Beta 3

9.3.0

ISC BIND 9.3.0 Beta 4

9.3.0

ISC BIND 9.3.0 Release Candidate 1

9.3.0

ISC BIND 9.3.0 Release Candidate 2

9.3.0

ISC BIND 9.3.0 Release Candidate 3

9.3.0

ISC BIND 9.3.0 Release Candidate 4

9.3.0

ISC BIND 9.3.1

9.3.1

ISC BIND 9.3.1 Beta 2

9.3.1

ISC BIND 9.3.1 Release Candidate 1

9.3.1

ISC BIND 9.3.2

9.3.2

ISC BIND 9.3.2 Release Candidate 1

9.3.2

ISC BIND 9.3.3

9.3.3

ISC BIND 9.3.3 Release Candidate 1

9.3.3

ISC BIND 9.3.3 Release Candidate 2

9.3.3

ISC BIND 9.3.3 Release Candidate 3

9.3.3

ISC BIND 9.3.4

9.3.4

ISC BIND 9.3.5

9.3.5

ISC BIND 9.3.5 Release Candidate 1

9.3.5

ISC BIND 9.3.5 Release Candidate 2

9.3.5

ISC BIND 9.3.6

9.3.6

ISC BIND 9.3.6 Release Candidate 1

9.3.6

ISC BIND 9.4.0

9.4.0

ISC BIND 9.4.0 Alpha 1

9.4.0

ISC BIND 9.4.0 Alpha 2

9.4.0

ISC BIND 9.4.0 Alpha 3

9.4.0

ISC BIND 9.4.0 Alpha 4

9.4.0

ISC BIND 9.4.0 Alpha 5

9.4.0

ISC BIND 9.4.0 Alpha 6

9.4.0

ISC BIND 9.4.0 Beta 1

9.4.0

ISC BIND 9.4.0 Beta 2

9.4.0

ISC BIND 9.4.0 Beta 3

9.4.0

ISC BIND 9.4.0 Beta 4

9.4.0

ISC BIND 9.4.0rc1

9.4.0

ISC BIND 9.4.0 Release Candidate 2

9.4.0

ISC BIND 9.4.1

9.4.1

ISC BIND 9.4.2

9.4.2

ISC BIND 9.4.2 Release Candidate 1

9.4.2

ISC BIND 9.4.2 Release Candidate 2

9.4.2

ISC BIND 9.4.3

9.4.3

ISC BIND 9.4.3 Beta 1

9.4.3

ISC BIND 9.4.3 Beta 2

9.4.3

ISC BIND 9.4.3 Beta 3

9.4.3

ISC BIND 9.4.3 Patch 1

9.4.3

ISC BIND 9.4.3 Patch 2

9.4.3

ISC BIND 9.4.3 Patch 3

9.4.3

ISC BIND 9.4.3 rc1

9.4.3

ISC BIND 9.5.0

9.5.0

ISC BIND 9.5.0 Alpha 1

9.5.0

ISC BIND 9.5.0 Alpha 2

9.5.0

ISC BIND 9.5.0 Alpha 3

9.5.0

ISC BIND 9.5.0 Alpha 4

9.5.0

ISC BIND 9.5.0 Alpha 5

9.5.0

ISC BIND 9.5.0 Alpha 6

9.5.0

ISC BIND 9.5.0 Alpha 7

9.5.0

ISC BIND 9.5.0 Beta 1

9.5.0

ISC BIND 9.5.0 Beta 2

9.5.0

ISC BIND 9.5.0 Beta 3

9.5.0

ISC BIND 9.5.0 Patch 1

9.5.0

ISC BIND 9.5.0 Patch 2

9.5.0

ISC BIND 9.5.0 Patch 2 W1

9.5.0

ISC BIND 9.5.0 Patch 2 W2

9.5.0

ISC BIND 9.5.0 rc1

9.5.0

ISC BIND 9.5.1

9.5.1

ISC BIND 9.5.1 Beta 1

9.5.1

ISC BIND 9.5.1 Beta 2

9.5.1

ISC BIND 9.5.1 Beta 3

9.5.1

ISC BIND 9.5.1 rc1

9.5.1

ISC BIND 9.5.1 rc2

9.5.1

ISC BIND 9.5.2

9.5.2

ISC BIND 9.5.2 Beta 1

9.5.2

ISC BIND 9.5.2 release candidate 1

9.5.2

ISC BIND 9.6.0

9.6.0

ISC BIND 9.6.0 Alpha 1

9.6.0

ISC BIND 9.6.0 Beta 1

9.6.0

ISC BIND 9.6.0 p1

9.6.0

ISC BIND 9.6.0 rc1

9.6.0

ISC BIND 9.6.0 rc2

9.6.0

ISC BIND 9.6.1

9.6.1

ISC BIND 9.6.1 Beta 1

9.6.1

ISC BIND 9.6.1 P1

9.6.1

ISC BIND 9.6.1 Release Candidate 1

9.6.1

ISC BIND 9.7.0

9.7.0

ISC BIND 9.7.0 Alpha 1

9.7.0

ISC BIND 9.7.0 Alpha 2

9.7.0

ISC BIND 9.7.0 Alpha 3

9.7.0

ISC BIND 9.7.0 Beta 1

9.7.0

ISC BIND 9.7.0 Beta 2

9.7.0

ISC BIND 9.7.0 Beta 3

9.7.0

ISC BIND 9.7.0 p1

9.7.0

ISC BIND 9.7.0 Release Candidate 1

9.7.0

ISC BIND 9.7.0 Release Candidate 2

9.7.0

References

ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc

APPLE-SA-2011-10-12-3

[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

60493

37426

Vendor Advisory

37491

Vendor Advisory

38219

Vendor Advisory

38240

Vendor Advisory

38794

Vendor Advisory

38834

Vendor Advisory

39334

Vendor Advisory

40730

Vendor Advisory

1021660

1021798

http://support.apple.com/kb/HT5002

http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

IZ68597

IZ71667

IZ71774

VU#418861

US Government Resource

MDVSA-2009:304

[oss-security] 20091124 a new bind issue

[oss-security] 20091124 CVE request: BIND 9 bug involving DNSSEC and the additional section

[oss-security] 20091124 Re: a new bind issue

RHSA-2009:1620

Vendor Advisory

37118

USN-888-1

ADV-2009-3335

Vendor Advisory

ADV-2010-0176

Vendor Advisory

ADV-2010-0528

Vendor Advisory

ADV-2010-0622

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=538744

Patch

bind-dnssec-cache-poisoning(54416)

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

https://issues.rpath.com/browse/RPL-3152

oval:org.mitre.oval:def:10821

oval:org.mitre.oval:def:11745

oval:org.mitre.oval:def:7261

oval:org.mitre.oval:def:7459

https://www.isc.org/advisories/CVE2009-4022

Vendor Advisory

https://www.isc.org/advisories/CVE-2009-4022v6

Vendor Advisory

FEDORA-2009-12218

FEDORA-2009-12233

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.