← Back

CVE-2012-5689

nvd nist
Published: Jan 25, 2013Modified: Apr 29, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:C
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

Affected (43)

Isc
1 product
Bind
Redhat
6 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Server Aus
Enterprise Linux Server Eus
Enterprise Linux Workstation
Canonical
1 product
Ubuntu Linux
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Isc
Bind
Version 9.9.0
Bind
Version 9.9.0 a1
Bind
Version 9.9.0 a2
Bind
Version 9.9.0 a3
Bind
Version 9.9.0 b1
Bind
Version 9.9.0 b2
Bind
Version 9.9.0 rc1
Bind
Version 9.9.0 rc2
Bind
Version 9.9.0 rc3
Bind
Version 9.9.0 rc4
Bind
Version 9.9.1
Bind
Version 9.9.1 p1
Bind
Version 9.9.1 p2
Bind
Version 9.9.2
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 6.0
Enterprise Linux Hpc Node
Version 6.0
Enterprise Linux Server
Version 6.0
Enterprise Linux Server Aus
Version 6.4
Enterprise Linux Server Eus
Version 6.4.z
Enterprise Linux Workstation
Version 6.0
Configuration C
20 vulnerable
Vulnerable SoftwareAffected Versions
Isc
Bind
Version 9.8.0
Bind
Version 9.8.0 a1
Bind
Version 9.8.0 b1
Bind
Version 9.8.0 p1
Bind
Version 9.8.0 p2
Bind
Version 9.8.0 p4
Bind
Version 9.8.0 rc1
Bind
Version 9.8.1
Bind
Version 9.8.1 b1
Bind
Version 9.8.1 b2
Bind
Version 9.8.1 b3
Bind
Version 9.8.1 p1
Bind
Version 9.8.1 rc1
Bind
Version 9.8.2 b1
Bind
Version 9.8.2 rc1
Bind
Version 9.8.2 rc2
Bind
Version 9.8.3
Bind
Version 9.8.3 p1
Bind
Version 9.8.3 p2
Bind
Version 9.8.4
Configuration D
3 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 15.04

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.