| Vulnerability Name: | CVE-2002-2211 (CCN-10704) |
| Assigned: | 2002-11-19 |
| Published: | 2002-11-19 |
| Updated: | 2018-10-19 |
| Summary: | BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
|
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): Low
Availibility (A): None |
|
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None |
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | Bypass Security |
| References: | Source: CCN
Type: BugTraq Mailing List, Mon Nov 25 2002 - 15:32:39 CST
CAIS-ALERT: Vulnerability in the sending requests control of BIND
Source: CCN
Type: BugTraq Mailing List, Fri May 19 2006 - 08:04:11 CDT
[security bulletin] HPSBUX02117 SSRT2400 rev.1 - HP-UX Running BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)
Source: MITRE
Type: CNA
CVE-2002-2211
Source: MITRE
Type: CNA
CVE-2002-2212
Source: MITRE
Type: CNA
CVE-2002-2213
Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX02117 SSRT2400
HP-UX Running BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)
Source: APPLE
Type: UNKNOWN
2002-11-21
Source: CCN
Type: SA20217
HP-UX BIND4 DNS Cache Poisoning Vulnerability
Source: SECUNIA
Type: Vendor Advisory
20217
Source: CCN
Type: ASA-2006-105
HP-UX BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)
Source: MISC
Type: UNKNOWN
http://www.imconf.net/imw-2002/imw2002-papers/198.pdf
Source: CCN
Type: US-CERT VU#457875
Various DNS service implementations generate multiple simultaneous queries for the same resource record
Source: CERT-VN
Type: US Government Resource
VU#457875
Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FDPYP
Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FDT4U
Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ
Source: CCN
Type: OSVDB ID: 25895
ISC BIND Cached Recursive Query DoS
Source: CCN
Type: OSVDB ID: 31840
Fujitsu UXP/V DNS Resolver Remote Birthday Attack Cache Poisoning
Source: CCN
Type: OSVDB ID: 31843
Infoblox DNS One DNS Resolver Remote Birthday Attack Cache Poisoning
Source: MISC
Type: Patch
http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html
Source: HP
Type: UNKNOWN
HPSBUX02117
Source: VUPEN
Type: UNKNOWN
ADV-2006-1923
Source: XF
Type: UNKNOWN
bind-rr-dns-spoofing(10704)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:*OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*
Configuration CCN 1:
cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:*OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:*OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:*OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*AND cpe:/o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*OR cpe:/o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |