CVE-2013-4854 : Detail

92.3%V3
Network
2013-07-26
21h00 +00:00
2017-11-28
13h57 +00:00

CVE Descriptions

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

CVE Information

Related Weaknesses

CWE-ID Weakness Name Source
CWE Other No information.

Metrics

Metrics Score Severity CVSS Vector Source
V2 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVEs according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVEs. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVEs.

Products Mentioned

Configuration 0

Isc>>Bind >> Version 9.7.0

Isc>>Bind >> Version 9.7.1

Isc>>Bind >> Version 9.7.2

Isc>>Bind >> Version 9.7.3

Isc>>Bind >> Version 9.7.4

Isc>>Bind >> Version 9.7.5

Isc>>Bind >> Version 9.7.6

Isc>>Bind >> Version 9.7.7

Configuration 0

Suse>>Suse_linux_enterprise_software_development_kit >> Version 11.0

Novell>>Suse_linux >> Version 11

Configuration 0

Isc>>Dnsco_bind >> Version 9.9.3

Isc>>Dnsco_bind >> Version 9.9.4

Configuration 0

Opensuse>>Opensuse >> Version 11.4

Configuration 0

Isc>>Bind >> Version 9.9.0

Isc>>Bind >> Version 9.9.1

Isc>>Bind >> Version 9.9.2

Isc>>Bind >> Version 9.9.3

Configuration 0

Freebsd>>Freebsd >> Version 8.0

Freebsd>>Freebsd >> Version 8.1

Freebsd>>Freebsd >> Version 8.2

Freebsd>>Freebsd >> Version 8.3

Freebsd>>Freebsd >> Version 8.4

Freebsd>>Freebsd >> Version 9.0

Freebsd>>Freebsd >> Version 9.1

Freebsd>>Freebsd >> Version 9.2

Configuration 0

Mandriva>>Business_server >> Version 1.0

Mandriva>>Enterprise_server >> Version 5.0

Configuration 0

Redhat>>Enterprise_linux >> Version 5

Redhat>>Enterprise_linux >> Version 6.0

Configuration 0

Isc>>Bind >> Version 9.8.0

Isc>>Bind >> Version 9.8.1

Isc>>Bind >> Version 9.8.2

Isc>>Bind >> Version 9.8.3

Isc>>Bind >> Version 9.8.4

Isc>>Bind >> Version 9.8.5

Isc>>Bind >> Version 9.8.6

Configuration 0

Fedoraproject>>Fedora >> Version 18

Fedoraproject>>Fedora >> Version 19

Configuration 0

Hp>>Hp-ux >> Version b.11.31

Configuration 0

Slackware>>Slackware_linux >> Version 12.1

Slackware>>Slackware_linux >> Version 12.2

Slackware>>Slackware_linux >> Version 13.0

Slackware>>Slackware_linux >> Version 13.1

Slackware>>Slackware_linux >> Version 13.37

References

https://kb.isc.org/article/AA-01015
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/54134
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2013:202
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/54185
Tags : third-party-advisory, x_refsource_SECUNIA
https://kb.isc.org/article/AA-01016
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/54207
Tags : third-party-advisory, x_refsource_SECUNIA
https://support.apple.com/kb/HT6536
Tags : x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-1114.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/61479
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/54323
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/54211
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-1910-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://www.debian.org/security/2013/dsa-2728
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.securitytracker.com/id/1028838
Tags : vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2013-1115.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/54432
Tags : third-party-advisory, x_refsource_SECUNIA