Vulnerability Name:

CVE-2002-2211 (CCN-10704)

Assigned:2002-11-19
Published:2002-11-19
Updated:2018-10-19
Summary:BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: BugTraq Mailing List, Mon Nov 25 2002 - 15:32:39 CST
CAIS-ALERT: Vulnerability in the sending requests control of BIND

Source: CCN
Type: BugTraq Mailing List, Fri May 19 2006 - 08:04:11 CDT
[security bulletin] HPSBUX02117 SSRT2400 rev.1 - HP-UX Running BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)

Source: MITRE
Type: CNA
CVE-2002-2211

Source: MITRE
Type: CNA
CVE-2002-2212

Source: MITRE
Type: CNA
CVE-2002-2213

Source: CCN
Type: Hewlett-Packard Company Security Bulletin HPSBUX02117 SSRT2400
HP-UX Running BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)

Source: APPLE
Type: UNKNOWN
2002-11-21

Source: CCN
Type: SA20217
HP-UX BIND4 DNS Cache Poisoning Vulnerability

Source: SECUNIA
Type: Vendor Advisory
20217

Source: CCN
Type: ASA-2006-105
HP-UX BINDv4 Domain Name Server (DNS) Remote Unauthorized Access, Denial of Service (DoS)

Source: MISC
Type: UNKNOWN
http://www.imconf.net/imw-2002/imw2002-papers/198.pdf

Source: CCN
Type: US-CERT VU#457875
Various DNS service implementations generate multiple simultaneous queries for the same resource record

Source: CERT-VN
Type: US Government Resource
VU#457875

Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FDPYP

Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FDT4U

Source: MISC
Type: UNKNOWN
http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ

Source: CCN
Type: OSVDB ID: 25895
ISC BIND Cached Recursive Query DoS

Source: CCN
Type: OSVDB ID: 31840
Fujitsu UXP/V DNS Resolver Remote Birthday Attack Cache Poisoning

Source: CCN
Type: OSVDB ID: 31843
Infoblox DNS One DNS Resolver Remote Birthday Attack Cache Poisoning

Source: MISC
Type: Patch
http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html

Source: HP
Type: UNKNOWN
HPSBUX02117

Source: VUPEN
Type: UNKNOWN
ADV-2006-1923

Source: XF
Type: UNKNOWN
bind-rr-dns-spoofing(10704)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*

    • Configuration CCN 1:
  • cpe:/a:isc:bind:8.2:-:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:8.2.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.5:p1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p7:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.8:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9.10:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.2:p2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:4.9:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:b.11.00:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    isc bind 4.9
    isc bind 4.9.2
    isc bind 4.9.3
    isc bind 4.9.4
    isc bind 4.9.5
    isc bind 4.9.5 p1
    isc bind 4.9.6
    isc bind 4.9.7
    isc bind 4.9.8
    isc bind 4.9.9
    isc bind 4.9.10
    isc bind 8.2
    isc bind 8.2.1
    isc bind 8.2.2
    isc bind 8.2.2 p1
    isc bind 8.2.2 p2
    isc bind 8.2.2 p3
    isc bind 8.2.2 p4
    isc bind 8.2.2 p5
    isc bind 8.2.2 p6
    isc bind 8.2.2 p7
    isc bind 8.2.3
    isc bind 8.2.4
    isc bind 8.2.5
    isc bind 8.2.6
    isc bind 8.2.7
    isc bind 8.3.0
    isc bind 8.3.1
    isc bind 8.3.2
    isc bind 8.3.3
    isc bind 8.3.4
    isc bind 8.2
    isc bind 8.2.1
    isc bind 4.9.5
    isc bind 4.9.5 p1
    isc bind 4.9.6
    isc bind 4.9.7
    isc bind 8.2.2
    isc bind 8.2.2 p1
    isc bind 8.3.3
    isc bind 8.3.2
    isc bind 8.3.1
    isc bind 8.3.0
    isc bind 8.2.6
    isc bind 8.2.5
    isc bind 8.2.4
    isc bind 8.2.3
    isc bind 8.2.2 p7
    isc bind 8.2.2 p5
    isc bind 8.2.2 p3
    isc bind 4.9.2
    isc bind 8.2.7
    isc bind 4.9.3
    isc bind 4.9.4
    isc bind 4.9.8
    isc bind 4.9.9
    isc bind 4.9.10
    isc bind 8.2.2 p6
    isc bind 8.2.2 p4
    isc bind 8.2.2 p2
    isc bind 4.9
    isc bind 8.3.4
    hp hp-ux b.11.00
    apple mac os x server *