| Vulnerability Name: | CVE-2000-0888 (CCN-5814) | ||||||||
| Assigned: | 2000-11-13 | ||||||||
| Published: | 2000-11-13 | ||||||||
| Updated: | 2020-12-09 | ||||||||
| Summary: | named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: CCN Type: Caldera International, Inc. Security Advisory CSSA-2000-040.0 DoS attack against named Source: CCN Type: Conectiva Linux Announcement CLSA-2000:339 bind: Previous bind package for CL5.1 removes named user Source: CCN Type: IBM Emergency Response Service Security Vulnerability Alert ERS-SVA-E01-2000:005.1 Two DoS Vulnerabilities in BIND Source: SUSE Type: Broken Link SuSE-SA:2000:45 Source: MITRE Type: CNA CVE-2000-0888 Source: CONECTIVA Type: Broken Link CLSA-2000:338 Source: CONECTIVA Type: Broken Link CLSA-2000:339 Source: MANDRAKE Type: Broken Link MDKSA-2000:067 Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX0102-144 Sec. Vulnerability in BIND Source: CCN Type: RHSA-2000:107-02 Updated bind packages fixing DoS attack available Source: CCN Type: Sun Alert ID: 26965 Vulnerabilities in the Domain Name System (DNS) 'in.named' Process May Allow Remote Access to Superuser (root) Source: CCN Type: IBM Technical Support Web site AIX General Software Fixes Source: CCN Type: CERT Advisory CA-2000-20 Multiple Denial-of-Service Problems in ISC BIND Source: CERT Type: Third Party Advisory, US Government Resource CA-2000-20 Source: CCN Type: CIAC Information Bulletin L-019 ISC BIND Vulnerabilities Source: CCN Type: CIAC Information Bulletin L-021 IBM AIX: Locale and BIND fixes Source: DEBIAN Type: Third Party Advisory 20001112 bind: remote Denial of Service Source: DEBIAN Type: Debian Security Advisory 20001112 bind: remote Denial of Service Source: CCN Type: Immunix OS Security Advisory IMNX-2000-70-005-01 bind Source: CCN Type: Internet Software Consortium (ISC) Web site ISC BIND Source: CCN Type: US-CERT VU#198355 ISC BIND 8.2.2-P6 vulnerable to DoS when processing SRV records, aka the srv bug Source: CCN Type: OSVDB ID: 5828 ISC BIND named SRV Remote DoS Source: REDHAT Type: Third Party Advisory RHSA-2000:107 Source: CCN Type: SuSE Security Announcement SuSE-SA:2000:045 bind8 Source: CCN Type: MandrakeSoft Security Advisory MDKSA-2000:067 bind Source: XF Type: Third Party Advisory, VDB Entry bind-srv-dos(5814) Source: XF Type: UNKNOWN bind-srv-dos(5814) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||