CVE-2002-2213
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2002
Last modified:
03/04/2025
Description
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:infoblox:dns_one:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.5:p1:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:4.9.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:8.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:8.2.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.imconf.net/imw-2002/imw2002-papers/198.pdf
- http://www.kb.cert.org/vuls/id/457875
- http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ
- http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html
- http://www.imconf.net/imw-2002/imw2002-papers/198.pdf
- http://www.kb.cert.org/vuls/id/457875
- http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ
- http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html