Vulnerability Name:

CVE-2007-0494 (CCN-31838)

Assigned:2007-01-25
Published:2007-01-25
Updated:2017-10-11
Summary:ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-19
Vulnerability Consequences:Denial of Service
References:Source: SGI
Type: UNKNOWN
20070201-01-P

Source: CCN
Type: Full-Disclosure Mailing List, Wed Sep 19 2007 - 21:15:23 CDT
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: MITRE
Type: CNA
CVE-2007-0494

Source: CCN
Type: Apple Security Update 2007-005
About Security Update 2007-005

Source: CONFIRM
Type: UNKNOWN
http://docs.info.apple.com/article.html?artnum=305530

Source: CCN
Type: Apple Web site
Apple security updates

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-147

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-164

Source: NETBSD
Type: UNKNOWN
NetBSD-SA2007-003

Source: CCN
Type: HP Security Bulletin HPSBTU02207 SSRT061239 rev.2
HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)

Source: CCN
Type: HP Security Bulletin HPSBUX02219 SSRT061273
HP-UX Running BIND, Remote Denial of Service (DoS)

Source: HP
Type: UNKNOWN
SSRT061273

Source: APPLE
Type: UNKNOWN
APPLE-SA-2007-05-24

Source: FULLDISC
Type: UNKNOWN
20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:014

Source: CCN
Type: VMware Security-announce Mailing list, Wed Sep 19 19:15:23 PDT 2007
VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player

Source: MLIST
Type: UNKNOWN
[bind-announce] 20070125 Internet Systems Consortium Security Advisory.

Source: CCN
Type: Internet Systems Consortium Security Advisory
BIND 9: DNSSEC Validation

Source: CCN
Type: RHSA-2007-0044
Moderate: bind security update

Source: CCN
Type: RHSA-2007-0057
Moderate: bind security update

Source: CCN
Type: SA23904
ISC BIND Denial of Service Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
23904

Source: SECUNIA
Type: Vendor Advisory
23924

Source: SECUNIA
Type: Vendor Advisory
23943

Source: SECUNIA
Type: Vendor Advisory
23944

Source: SECUNIA
Type: Vendor Advisory
23972

Source: SECUNIA
Type: Vendor Advisory
23974

Source: SECUNIA
Type: Vendor Advisory
23977

Source: SECUNIA
Type: Vendor Advisory
24014

Source: SECUNIA
Type: Vendor Advisory
24048

Source: SECUNIA
Type: Vendor Advisory
24054

Source: SECUNIA
Type: Vendor Advisory
24083

Source: SECUNIA
Type: Vendor Advisory
24129

Source: SECUNIA
Type: Vendor Advisory
24203

Source: SECUNIA
Type: UNKNOWN
24284

Source: CCN
Type: SA24648
Avaya Products bind Denial of Service

Source: SECUNIA
Type: Vendor Advisory
24648

Source: CCN
Type: SA24930
HP Tru64 UNIX Multiple SSL and BIND Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
24930

Source: CCN
Type: SA24950
HP Insight Management Agents SSL Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
24950

Source: SECUNIA
Type: Vendor Advisory
25402

Source: CCN
Type: SA25482
IBM AIX BIND Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
25482

Source: SECUNIA
Type: UNKNOWN
25649

Source: CCN
Type: SA25715
Sun Solaris 10 BIND DNSSEC Denial of Service

Source: SECUNIA
Type: UNKNOWN
25715

Source: CCN
Type: SA26909
VMware ESX Server Multiple Security Updates

Source: SECUNIA
Type: UNKNOWN
26909

Source: SECUNIA
Type: UNKNOWN
27706

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-07:02

Source: GENTOO
Type: UNKNOWN
GLSA-200702-06

Source: CCN
Type: SECTRACK ID: 1017573
BIND DNSSEC Validation Bug Lets Remote Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1017573

Source: SLACKWARE
Type: UNKNOWN
SSA:2007-026-01

Source: CCN
Type: Sun Alert ID: 102969
Security Vulnerability in Solaris 10 BIND DNSSEC May Cause a Denial of Service

Source: SUNALERT
Type: UNKNOWN
102969

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm

Source: CCN
Type: ASA-2007-125
bind security update (RHSA-2007-0044)

Source: CCN
Type: ASA-2007-240
HP-UX Running BIND Remote Denial of Service (DoS) (HPSBUX02219)

Source: CCN
Type: ASA-2007-280
Security Vulnerability in Solaris 10 BIND DNSSEC May Cause a Denial of Service (Sun 102969)

Source: AIXAPAR
Type: UNKNOWN
IY95618

Source: CCN
Type: IBM APAR IY95618
POTENTIAL SECURITY ISSUE IN BOS.NET.TCP.SERVER

Source: AIXAPAR
Type: UNKNOWN
IY95619

Source: CCN
Type: IBM APAR IY95619
POTENTIAL SECURITY ISSUE IN BOS.NET.TCP.SERVER

Source: AIXAPAR
Type: UNKNOWN
IY96144

Source: CCN
Type: IBM APAR IY96144
POTENTIAL SECURITY ISSUE IN BOS.NET.TCP.SERVER

Source: AIXAPAR
Type: UNKNOWN
IY96324

Source: CCN
Type: IBM APAR IY96324
POTENTIAL SECURITY ISSUE IN BOS.NET.TCP.SERVER

Source: DEBIAN
Type: UNKNOWN
DSA-1254

Source: DEBIAN
Type: DSA-1254
bind9 -- insufficient input sanitising

Source: CCN
Type: GLSA-200702-06
BIND: Denial of Service

Source: CONFIRM
Type: UNKNOWN
http://www.isc.org/index.pl?/sw/bind/bind-security.php

Source: CONFIRM
Type: Patch
http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8

Source: CONFIRM
Type: Patch
http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4

Source: CCN
Type: Internet Software Consortium (ISC) Web site
BIND (Berkeley Internet Name Domain) page

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:030

Source: CCN
Type: OpenPKG-SA-2007.007
bind

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2007.007

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0044

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0057

Source: BID
Type: UNKNOWN
22231

Source: CCN
Type: BID-22231
ISC BIND Remote DNSSEC Validation Denial of Service Vulnerability

Source: TRUSTIX
Type: UNKNOWN
2007-0005

Source: CCN
Type: TLSA-2007-9
bind denial of service attack

Source: CCN
Type: USN-418-1
Bind vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-418-1

Source: CCN
Type: VMware, Inc. Web site
Download Patch ESX-1001725 for VMware ESX Server 3.0.2

Source: VUPEN
Type: UNKNOWN
ADV-2007-1401

Source: VUPEN
Type: UNKNOWN
ADV-2007-1939

Source: VUPEN
Type: UNKNOWN
ADV-2007-2002

Source: VUPEN
Type: UNKNOWN
ADV-2007-2163

Source: VUPEN
Type: UNKNOWN
ADV-2007-2245

Source: VUPEN
Type: UNKNOWN
ADV-2007-2315

Source: VUPEN
Type: UNKNOWN
ADV-2007-3229

Source: XF
Type: UNKNOWN
bind-rrsets-dos(31838)

Source: XF
Type: UNKNOWN
bind-rrsets-dos(31838)

Source: CONFIRM
Type: UNKNOWN
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

Source: CCN
Type: rPSA-2007-0021-1 bind bind-utils
bind: various security flaws CVE-2007-0493 CVE-2007-0494

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-989

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11523

Source: SUSE
Type: SUSE-SA:2007:014
bind remote denial of service problem

Source: HP
Type: UNKNOWN
SSRT071304

Vulnerable Configuration:Configuration 1:
  • cpe:/a:isc:bind:9.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.0:rc6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.1:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.0.1:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.0:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.1:rc7:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.2:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.3:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.3:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.1.3:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:a1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:a2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:a3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:b1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc10:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc7:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc8:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.0:rc9:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.1:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.1:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.2:p2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.2:p3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.2:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.3:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc7:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.4:rc8:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.5:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.5:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.5:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.6:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.2.6:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:b3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:b4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:rc2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:rc3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.0:rc4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.2:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:rc1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.5.0:a1:*:*:-:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:isc:bind:9.3.0:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.1:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.2:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.3.3:*:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a5:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:a6:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b1:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b2:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b3:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.4.0:b4:*:*:-:*:*:*
  • OR cpe:/a:isc:bind:9.5.0:a1:*:*:-:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:11.23:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.1::personal:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:personal:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:multimedia:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20070494
    V
    CVE-2007-0494
    2015-11-16
    oval:org.mitre.oval:def:21786
    P
    ELSA-2007:0057: bind security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:11523
    V
    ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
    2013-04-29
    oval:com.redhat.rhsa:def:20070057
    P
    RHSA-2007:0057: bind security update (Moderate)
    2007-03-14
    oval:com.redhat.rhsa:def:20070044
    P
    RHSA-2007:0044: bind security update (Moderate)
    2007-02-06
    oval:org.debian:def:1254
    V
    insufficient input sanitising
    2007-01-27
    BACK
    isc bind 9.0
    isc bind 9.0.0 rc1
    isc bind 9.0.0 rc2
    isc bind 9.0.0 rc3
    isc bind 9.0.0 rc4
    isc bind 9.0.0 rc5
    isc bind 9.0.0 rc6
    isc bind 9.0.1
    isc bind 9.0.1 rc1
    isc bind 9.0.1 rc2
    isc bind 9.1
    isc bind 9.1.0 rc1
    isc bind 9.1.1
    isc bind 9.1.1 rc1
    isc bind 9.1.1 rc2
    isc bind 9.1.1 rc3
    isc bind 9.1.1 rc4
    isc bind 9.1.1 rc5
    isc bind 9.1.1 rc6
    isc bind 9.1.1 rc7
    isc bind 9.1.2
    isc bind 9.1.2 rc1
    isc bind 9.1.3
    isc bind 9.1.3 rc1
    isc bind 9.1.3 rc2
    isc bind 9.1.3 rc3
    isc bind 9.2
    isc bind 9.2.0
    isc bind 9.2.0 a1
    isc bind 9.2.0 a2
    isc bind 9.2.0 a3
    isc bind 9.2.0 b1
    isc bind 9.2.0 b2
    isc bind 9.2.0 rc1
    isc bind 9.2.0 rc10
    isc bind 9.2.0 rc2
    isc bind 9.2.0 rc3
    isc bind 9.2.0 rc4
    isc bind 9.2.0 rc5
    isc bind 9.2.0 rc6
    isc bind 9.2.0 rc7
    isc bind 9.2.0 rc8
    isc bind 9.2.0 rc9
    isc bind 9.2.1
    isc bind 9.2.1 rc1
    isc bind 9.2.1 rc2
    isc bind 9.2.2
    isc bind 9.2.2 p2
    isc bind 9.2.2 p3
    isc bind 9.2.2 rc1
    isc bind 9.2.3
    isc bind 9.2.3 rc1
    isc bind 9.2.3 rc2
    isc bind 9.2.3 rc3
    isc bind 9.2.3 rc4
    isc bind 9.2.4
    isc bind 9.2.4 rc2
    isc bind 9.2.4 rc3
    isc bind 9.2.4 rc4
    isc bind 9.2.4 rc5
    isc bind 9.2.4 rc6
    isc bind 9.2.4 rc7
    isc bind 9.2.4 rc8
    isc bind 9.2.5
    isc bind 9.2.5 b2
    isc bind 9.2.5 rc1
    isc bind 9.2.6
    isc bind 9.2.6 rc1
    isc bind 9.3
    isc bind 9.3.0
    isc bind 9.3.0 b2
    isc bind 9.3.0 b3
    isc bind 9.3.0 b4
    isc bind 9.3.0 rc1
    isc bind 9.3.0 rc2
    isc bind 9.3.0 rc3
    isc bind 9.3.0 rc4
    isc bind 9.3.1
    isc bind 9.3.1 b2
    isc bind 9.3.1 rc1
    isc bind 9.3.2
    isc bind 9.3.2 rc1
    isc bind 9.4.0 a1
    isc bind 9.4.0 a2
    isc bind 9.4.0 a3
    isc bind 9.4.0 a4
    isc bind 9.4.0 a5
    isc bind 9.4.0 b1
    isc bind 9.4.0 b2
    isc bind 9.4.0 b3
    isc bind 9.4.0 rc1
    isc bind 9.5.0 a1
    isc bind 9.3.0
    isc bind 9.3.1
    isc bind 9.3.2
    isc bind 9.3.3
    isc bind 9.4.0 a1
    isc bind 9.4.0 a2
    isc bind 9.4.0 a3
    isc bind 9.4.0 a4
    isc bind 9.4.0 a5
    isc bind 9.4.0 a6
    isc bind 9.4.0 b1
    isc bind 9.4.0 b2
    isc bind 9.4.0 b3
    isc bind 9.4.0 b4
    isc bind 9.5.0 a1
    hp hp-ux 11.11
    openpkg openpkg current
    gentoo linux *
    suse linux enterprise server 8
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    hp hp-ux 11.23
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux school server -
    redhat enterprise linux 3
    ibm aix 5.3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    apple mac os x 10.3.9
    apple mac os x server 10.3.9
    debian debian linux 3.1
    novell open enterprise server *
    mandrakesoft mandrake multi network firewall 2.0
    sun solaris 10
    sun solaris 10
    suse suse linux 10.0
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 2006
    compaq tru64 4.0g_pk4_bl22
    compaq tru64 4.0f_pk8_bl22
    canonical ubuntu 6.06
    suse suse linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux fuji
    turbolinux turbolinux personal *
    turbolinux turbolinux home *
    turbolinux turbolinux multimedia *
    redhat enterprise linux desktop 5.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    apple mac os x server 10.4.9
    apple mac os x 10.4.9
    redhat enterprise linux 5
    novell open enterprise server *
    novell opensuse 10.2
    suse suse linux 9.3