Vulnerability Name:

CVE-2003-0914 (CCN-13854)

Assigned: 2003-11-26
Published: 2003-11-26
Updated: 2018-10-30
Summary: ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Low

CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Partial
    Availability (A): None

CVSS v2 Severity: 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Partial

Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service
References:

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-03:19.bind
bind8 negative cache poison attack

Source: CCN
Type: NetBSD Security Advisory 2003-018
DNS negative cache poisoning

Source: CCN
Type: SCO Security Advisory CSSA-2003-SCO.33
UnixWare 7.1.1 : Bind: cache poisoning BIND 8 prior to 8.3.7 and BIND 8.4.x prior 8.4.2

Source: SCO
Type: UNKNOWN
CSSA-2004-003.0

Source: SCO
Type: UNKNOWN
CSSA-2003-SCO.33

Source: CCN
Type: BugTraq Mailing List, Wed Nov 26 2003 - 17:21:02 CST
BIND cache poisoning vulnerability

Source: CCN
Type: Trustix Secure Linux Security Advisory #2003-0044
bind

Source: MITRE
Type: CNA
CVE-2003-0914

Source: SECUNIA
Type: UNKNOWN
10542

Source: CCN
Type: Sun Alert ID: 57434
Remote Denial-Of-Service Vulnerability in BIND DNS Daemon (in.named)

Source: SUNALERT
Type: UNKNOWN
57434

Source: CCN
Type: IBM APAR IY49881
IY49881: CERT:ANTI-CACHE POISON TECHNIQUES TO NEGATIVE ANSWERS

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-409

Source: DEBIAN
Type: DSA-409
bind -- denial of service

Source: CCN
Type: ISC BIND 8 Web page
ISC BIND 8

Source: CCN
Type: US-CERT VU#734644
ISC BIND 8 vulnerable to cache poisoning via negative responses

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#734644

Source: CCN
Type: Guardian Digital Security Advisory ESA-20031126-031
bind-chroot, bind-chroot-utils

Source: CCN
Type: Immunix Secured OS Security Advisory IMNX-2003-7+-024-01
bind

Source: CCN
Type: SCO Security Advisory CSSA-2004-003.0
OpenLinux: Bind: cache poisoning BIND 8 prior to 8.3.7 and BIND 8.4.x prior 8.4.2

Source: CCN
Type: OSVDB ID: 2866
ISC BIND Negative Record Cache Poisoning

Source: CCN
Type: BID-9114
ISC BIND Negative Cache Poison Denial Of Service Vulnerability

Source: TRUSTIX
Type: UNKNOWN
2003-0044

Source: XF
Type: UNKNOWN
bind-negative-cache-dos(13854)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:2011

Source: SUSE
Type: SUSE-SA:2003:047
bind8: cache poisoning/denial-of-service

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.4.1:*:*:*:-:*:*:*
  • OR cpe:/a:nixu:namesurfer:standard_3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:nixu:namesurfer:suite_3.0.1:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:compaq:tru64:4.0f:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1b:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6.2:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.7:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.9:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.0:-:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1l:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:*
  • OR cpe:/o:sco:unixware:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9.0:*:x86:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.7:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.8:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:isc:bind:8.3.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.2.7:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.3.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:8.4.1:*:*:*:-:*:*:*
  • AND
  • cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.3:-:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.4:-:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.5:-:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6.1:release_p10:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.7:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.1:-:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.9:-:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:7.0::sparc:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6.2:-:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:

Definition ID | Class | Title | Last Modified
oval:org.mitre.oval:def:2011 | V | ISC BIND Cache Poison Denial Of Service | 2005-02-16
oval:org.debian:def:409 | V | denial of service | 2004-01-05