Vulnerability Details : CVE-2011-2464
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
Vulnerability category: Denial of service
Threat overview for CVE-2011-2464
Top countries where our scanners detected CVE-2011-2464
Top open port discovered on systems with this issue
53
IPs affected by CVE-2011-2464 8,033
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-2464!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-2464
Probability of exploitation activity in the next 30 days: 5.78%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-2464
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2011-2464
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/68375
ISC BIND UPDATE denial of service CVE-2011-2464 Vulnerability Report
-
http://www.securitytracker.com/id?1025742
ISC BIND Packet Processing Flaw Lets Remote Users Deny Service - SecurityTracker
-
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.377171
The Slackware Linux Project: Slackware Security Advisories
-
http://www.kb.cert.org/vuls/id/142646
VU#142646 - ISC BIND 9 named denial of service vulnerabilityUS Government Resource
-
http://www.isc.org/software/bind/advisories/cve-2011-2464
Internet Systems Consortium
-
http://blogs.oracle.com/sunsecurity/entry/cve_2011_2464_remote_denial
CVE-2011-2464 remote denial of service vulnerability in BIND DNS Software | Oracle Third Party Vulnerability Resolution Blog
-
http://www.redhat.com/support/errata/RHSA-2011-0926.html
Support
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13997
Repository / Oval Repository
-
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Apple - Lists.apple.com
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html
[SECURITY] Fedora 14 Update: bind-9.7.4-0.3.b1.fc14
-
http://www.securityfocus.com/bid/48566
ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
-
http://www.debian.org/security/2011/dsa-2272
Debian -- Security Information -- DSA-2272-1 bind9
-
http://marc.info/?l=bugtraq&m=131983337229394&w=2
'[security bulletin] HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS' - MARC
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html
[SECURITY] Fedora 15 Update: bind-9.8.0-7.P4.fc15
-
http://www.securityfocus.com/archive/1/518749/100/0/threaded
SecurityFocus
-
https://www.ubuntu.com/usn/USN-1163-1/
USN-1163-1: Bind vulnerability | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html
[security-announce] SUSE Security Announcement: bind remote denial of se
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:115
mandriva.com
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00006.html
[security-announce] openSUSE-SU-2011:0788-1: important: bind: fixing rem
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html
[security-announce] SUSE-SU-2011:0759-1: important: Security update for
-
http://support.apple.com/kb/HT5002
About the security content of OS X Lion v10.7.2 and Security Update 2011-006 - Apple Support
Products affected by CVE-2011-2464
- cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.1:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.1:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.1:p3:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.7.2b1:*:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*