Lucene search
China National Vulnerability DatabaseCNVD-2023-49475HistorySep 24, 2022 - 12:00 a.m.
ISC BIND Buffer Overflow Vulnerability
2022-09-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
isc bind
buffer overflow
vulnerability
stats channel
dns protocol
open source software
memory read
process crash
http connection
isc company
0.001 Low
EPSS
Percentile
47.5%
ISC BIND is the United States ISC company’s set of open source software that implements the DNS protocol. ISC BIND suffers from a buffer overflow vulnerability that originates when reusing an HTTP connection to request statistics from the stats channel, where the length of the contents of successive responses may grow beyond the end of the allocated buffer, which can be exploited by an attacker to cause the read to exceed the end of the buffer and read memory it shouldn’t have to, or crash the process.
| CPE | Name | Operator | Version |
|---|---|---|---|
| isc bind >=9.18.0, | lt | 9.18.7 | |
| isc bind >=9.19.0, | lt | 9.19.5 |
Related
ubuntucve
ubuntucve
CVE-2022-2881
2022-09-21 00:00:00
nessus
nessus
ISC BIND 9.18.0 < 9.18.7 / 9.19.0 < 9.19.5 Vulnerability (cve-2022-2881)
2022-09-22 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Bind vulnerabilities (USN-5626-1)
2022-09-21 00:00:00
GLSA-202210-25 : ISC BIND: Multiple Vulnerabilities
2022-10-31 00:00:00
openvas
openvas
ISC BIND DoS Vulnerability (CVE-2022-2881) - Linux
2022-09-22 00:00:00
ISC BIND DoS Vulnerability (CVE-2022-2881) - Windows
2022-09-22 00:00:00
Ubuntu: Security Advisory (USN-5626-1)
2022-09-22 00:00:00
cvelist
cvelist
CVE-2022-2881 Buffer overread in statistics channel code
2022-09-21 00:00:00
prion
prion
Buffer overflow
2022-09-21 11:15:00
cve
cve
CVE-2022-2881
2022-09-21 11:15:09
veracode
veracode
Out-Of-Bounds Read
2022-09-24 22:30:09
redhatcve
redhatcve
CVE-2022-2881
2022-09-21 13:19:02
debiancve
debiancve
CVE-2022-2881
2022-09-21 11:15:09
f5
f5
K40427215 : BIND vulnerability CVE-2022-2881
2022-10-03 00:00:00
alpinelinux
alpinelinux
CVE-2022-2881
2022-09-21 11:15:09
nvd
nvd
CVE-2022-2881
2022-09-21 11:15:09
osv
osv
CVE-2022-2881
2022-09-21 11:15:09
bind9 vulnerabilities
2022-09-21 11:39:24
ubuntu
ubuntu
Bind vulnerabilities
2022-09-21 00:00:00
redos
redos
ROS-20220929-01
2022-09-29 00:00:00
cloudfoundry
cloudfoundry
USN-5626-1: Bind vulnerabilities | Cloud Foundry
2022-10-28 00:00:00
gentoo
gentoo
ISC BIND: Multiple Vulnerabilities
2022-10-31 00:00:00