Vulnerability Name:

CVE-2000-0888

Assigned:2000-11-13
Published:2000-11-13
Updated:2018-05-02
Summary:named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
CVSS v3 Severity:4.0 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
References:Source: SUSE
Type: UNKNOWN
SuSE-SA:2000:45

Source: CONECTIVA
Type: UNKNOWN
CLSA-2000:338

Source: CONECTIVA
Type: VENDOR_ADVISORY
CLSA-2000:339

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2000:067

Source: CERT
Type: VENDOR_ADVISORY
CA-2000-20

Source: DEBIAN
Type: UNKNOWN
20001112 bind: remote Denial of Service

Source: REDHAT
Type: UNKNOWN
RHSA-2000:107

Source: XF
Type: UNKNOWN
bind-srv-dos(5814)

Vulnerable Configuration:
Configuration CCN 1:
  • cpe:/o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • AND
  • cpe:/a:isc:bind:4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.2:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.2.1.12:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    sun solaris 2.5.1
    sun solaris 2.6 hw3
    redhat linux 5.2
    redhat linux 6.0
    redhat linux 6.1
    redhat linux 6.2
    suse suse linux 6.4
    debian debian linux 2.2
    mandrakesoft mandrake linux 7.0
    suse suse linux 6.1
    mandrakesoft mandrake linux 7.1
    mandrakesoft mandrake linux 6.1
    redhat linux 7
    mandrakesoft mandrake linux 7.2
    redhat linux 7.1
    redhat linux 7.2
    sun solaris 1.0
    redhat linux 7.3
    isc bind 4
    ibm aix 4.2.1
    freebsd freebsd 9.2 prerelease
    netbsd netbsd 1.3.3
    ibm aix 4.3
    ibm aix 4.3.2
    sun solaris 8
    ibm aix 4.3.3
    ibm aix 4.3.1
    sun solaris 7.0
    ibm aix 4.2.0
    ibm aix 4.2.1.12