Vulnerabilidad en ISC BIND (CVE-2012-5166)
Gravedad CVSS v2.0:
ALTA
Tipo:
CWE-189
Errores numéricos
Fecha de publicación:
10/10/2012
Última modificación:
11/04/2025
Descripción
ISC BIND v9.x antes de v9.7.6-P4, v9.8.x antes de v9.8.3-P4, v9.9.x antes de v9.9.1-P4, y v9.4-ESV y 9.6-ESV antes de v9.6-ESV-R7-P, permite a atacantes remotos provocar una denegación de servicio a través de combinaciones no especificadas de registros de recursos.
Impacto
Puntuación base 2.0
7.80
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc5:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.0:rc6:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.0.1:rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.1.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.1.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:isc:bind:9.1.1:rc2:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090346.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090491.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090586.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00013.html
- http://osvdb.org/86118
- http://rhn.redhat.com/errata/RHSA-2012-1363.html
- http://rhn.redhat.com/errata/RHSA-2012-1364.html
- http://rhn.redhat.com/errata/RHSA-2012-1365.html
- http://secunia.com/advisories/50903
- http://secunia.com/advisories/50909
- http://secunia.com/advisories/50956
- http://secunia.com/advisories/51054
- http://secunia.com/advisories/51078
- http://secunia.com/advisories/51096
- http://secunia.com/advisories/51106
- http://secunia.com/advisories/51178
- http://support.apple.com/kb/HT5880
- http://www.debian.org/security/2012/dsa-2560
- http://www.ibm.com/support/docview.wss?uid=isg1IV30185
- http://www.ibm.com/support/docview.wss?uid=isg1IV30247
- http://www.ibm.com/support/docview.wss?uid=isg1IV30364
- http://www.ibm.com/support/docview.wss?uid=isg1IV30365
- http://www.ibm.com/support/docview.wss?uid=isg1IV30366
- http://www.ibm.com/support/docview.wss?uid=isg1IV30367
- http://www.ibm.com/support/docview.wss?uid=isg1IV30368
- http://www.isc.org/software/bind/advisories/cve-2012-5166
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A162
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/55852
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004
- http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
- https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
- https://kb.isc.org/article/AA-00801
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19706
- http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090346.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090491.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090586.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00013.html
- http://osvdb.org/86118
- http://rhn.redhat.com/errata/RHSA-2012-1363.html
- http://rhn.redhat.com/errata/RHSA-2012-1364.html
- http://rhn.redhat.com/errata/RHSA-2012-1365.html
- http://secunia.com/advisories/50903
- http://secunia.com/advisories/50909
- http://secunia.com/advisories/50956
- http://secunia.com/advisories/51054
- http://secunia.com/advisories/51078
- http://secunia.com/advisories/51096
- http://secunia.com/advisories/51106
- http://secunia.com/advisories/51178
- http://support.apple.com/kb/HT5880
- http://www.debian.org/security/2012/dsa-2560
- http://www.ibm.com/support/docview.wss?uid=isg1IV30185
- http://www.ibm.com/support/docview.wss?uid=isg1IV30247
- http://www.ibm.com/support/docview.wss?uid=isg1IV30364
- http://www.ibm.com/support/docview.wss?uid=isg1IV30365
- http://www.ibm.com/support/docview.wss?uid=isg1IV30366
- http://www.ibm.com/support/docview.wss?uid=isg1IV30367
- http://www.ibm.com/support/docview.wss?uid=isg1IV30368
- http://www.isc.org/software/bind/advisories/cve-2012-5166
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A162
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/55852
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.536004
- http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
- https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488
- https://kb.isc.org/article/AA-00801
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19706