Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-2266
HistoryMar 28, 2013 - 4:55 p.m.

CVE-2013-2266

2013-03-2816:55:01
CWE-119
[email protected]
web.nvd.nist.gov
226
cve-2013-2266
isc bind
denial of service
memory consumption
unix
vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

8

Confidence

High

EPSS

0.943

Percentile

99.2%

JSON

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

Affected configurations

NVD
Node
iscbindMatch9.9.0
OR
iscbindMatch9.9.0a1
OR
iscbindMatch9.9.0a2
OR
iscbindMatch9.9.0a3
OR
iscbindMatch9.9.0b1
OR
iscbindMatch9.9.0b2
OR
iscbindMatch9.9.0rc1
OR
iscbindMatch9.9.0rc2
OR
iscbindMatch9.9.0rc3
OR
iscbindMatch9.9.0rc4
OR
iscbindMatch9.9.1
OR
iscbindMatch9.9.1p1
OR
iscbindMatch9.9.1p2
OR
iscbindMatch9.9.2
Node
iscbindMatch9.9.3
OR
iscbindMatch9.9.3b1
Node
iscbindMatch9.7.0
OR
iscbindMatch9.7.0b1
OR
iscbindMatch9.7.0p1
OR
iscbindMatch9.7.0p2
OR
iscbindMatch9.7.0rc1
OR
iscbindMatch9.7.0rc2
OR
iscbindMatch9.7.1
OR
iscbindMatch9.7.1p1
OR
iscbindMatch9.7.1p2
OR
iscbindMatch9.7.1rc1
OR
iscbindMatch9.7.2
OR
iscbindMatch9.7.2p1
OR
iscbindMatch9.7.2p2
OR
iscbindMatch9.7.2p3
OR
iscbindMatch9.7.2rc1
OR
iscbindMatch9.7.3
OR
iscbindMatch9.7.3b1
OR
iscbindMatch9.7.3p1
OR
iscbindMatch9.7.3rc1
OR
iscbindMatch9.7.4
OR
iscbindMatch9.7.4b1
OR
iscbindMatch9.7.4p1
OR
iscbindMatch9.7.4rc1
OR
iscbindMatch9.7.5
OR
iscbindMatch9.7.5b1
OR
iscbindMatch9.7.5rc1
OR
iscbindMatch9.7.5rc2
OR
iscbindMatch9.7.6
OR
iscbindMatch9.7.6p1
OR
iscbindMatch9.7.6p2
Node
iscbindMatch9.8.0
OR
iscbindMatch9.8.0a1
OR
iscbindMatch9.8.0b1
OR
iscbindMatch9.8.0p1
OR
iscbindMatch9.8.0p2
OR
iscbindMatch9.8.0p4
OR
iscbindMatch9.8.0rc1
OR
iscbindMatch9.8.1
OR
iscbindMatch9.8.1b1
OR
iscbindMatch9.8.1b2
OR
iscbindMatch9.8.1b3
OR
iscbindMatch9.8.1p1
OR
iscbindMatch9.8.1rc1
OR
iscbindMatch9.8.2b1
OR
iscbindMatch9.8.2rc1
OR
iscbindMatch9.8.2rc2
OR
iscbindMatch9.8.3
OR
iscbindMatch9.8.3p1
OR
iscbindMatch9.8.3p2
OR
iscbindMatch9.8.4
OR
iscbindMatch9.8.5
OR
iscbindMatch9.8.5b1
VendorProductVersionCPE
iscbind9.9.0cpe:/a:isc:bind:9.9.0:::
iscbind9.9.0cpe:/a:isc:bind:9.9.0:a1::
iscbind9.9.0cpe:/a:isc:bind:9.9.0:b2::
iscbind9.9.0cpe:/a:isc:bind:9.9.0:rc1::
iscbind9.9.0cpe:/a:isc:bind:9.9.0:rc2::
iscbind9.9.1cpe:/a:isc:bind:9.9.1:p2::
iscbind9.9.1cpe:/a:isc:bind:9.9.1:::
iscbind9.9.0cpe:/a:isc:bind:9.9.0:rc3::
iscbind9.9.1cpe:/a:isc:bind:9.9.1:p1::
iscbind9.9.2cpe:/a:isc:bind:9.9.2:::
Rows per page:
1-10 of 141

Related

nessus 34
openvas 29
fedora 3
prion 2
veracode 1
redhat 3
oraclelinux 4
slackware 2
freebsd 2
debiancve 2
securityvulns 4
seebug 1
f5 2
nvd 2
cvelist 2
amazon 1
ubuntucve 2
ubuntu 1
checkpoint_advisories 1
debian 1
centos 2
freebsd_advisory 1
cve 1
rosalinux 1
gentoo 1
nessus
nessus
SuSE 11.2 Security Update : dhcp (SAT Patch Number 7571)
2013-04-18 00:00:00
Fedora 17 : bind-9.9.2-7.P2.fc17 (2013-4533)
2013-04-08 00:00:00
Oracle Linux 5 : bind97 (ELSA-2013-0690)
2013-07-12 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-176)
2015-09-08 00:00:00
Ubuntu Update for bind9 USN-1783-1
2013-04-02 00:00:00
CentOS Update for bind97 CESA-2013:0690 centos5
2013-04-02 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: bind-9.9.2-10.P2.fc18
2013-04-05 23:08:28
[SECURITY] Fedora 17 Update: bind-9.9.2-7.P2.fc17
2013-04-07 00:25:01
[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18
2013-08-04 00:13:45
prion
prion
Code injection
2013-03-28 16:55:00
Design/Logic Flaw
2013-03-28 16:55:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:51:10
redhat
redhat
(RHSA-2013:0690) Important: bind97 security update
2013-03-28 00:00:00
(RHSA-2013:0689) Important: bind security and bug fix update
2013-03-28 00:00:00
(RHSA-2013:0746) Important: rhev-hypervisor6 security and bug fix update
2013-04-23 00:00:00
oraclelinux
oraclelinux
bind security and bug fix update
2013-03-28 00:00:00
bind97 security update
2013-03-28 00:00:00
bind97 security and bug fix update
2014-09-17 00:00:00
slackware
slackware
dhcp
2013-03-27 03:20:37
bind
2013-03-27 03:19:59
freebsd
freebsd
FreeBSD -- BIND remote denial of service
2013-04-02 00:00:00
dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion
2013-03-11 00:00:00
debiancve
debiancve
CVE-2013-2266
2013-03-28 16:55:01
CVE-2013-2494
2022-10-03 16:14:59
securityvulns
securityvulns
[USN-1783-1] Bind vulnerability
2013-04-01 00:00:00
bind / dhcp DoS
2013-04-01 00:00:00
[slackware-security] dhcp (SSA:2013-086-02)
2013-04-01 00:00:00
seebug
seebug
ISC BIND 9 'libdns' θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž(CVE-2013-2266)
2013-03-29 00:00:00
f5
f5
SOL14386 - BIND vulnerability CVE-2013-2266
2013-05-01 00:00:00
K14386 : BIND vulnerability CVE-2013-2266
2014-08-26 00:00:00
nvd
nvd
CVE-2013-2266
2013-03-28 16:55:01
CVE-2013-2494
2013-03-28 16:55:01
cvelist
cvelist
CVE-2013-2266
2013-03-28 16:00:00
CVE-2013-2494
2022-10-03 16:14:59
amazon
amazon
Important: bind
2013-04-04 11:09:00
ubuntucve
ubuntucve
CVE-2013-2266
2013-03-26 00:00:00
CVE-2013-2494
2013-03-28 00:00:00
ubuntu
ubuntu
Bind vulnerability
2013-03-29 00:00:00
checkpoint_advisories
checkpoint_advisories
ISC BIND Regular Expression Handling Denial of Service (CVE-2013-2266)
2013-06-30 00:00:00
debian
debian
[SECURITY] [DSA 2656-1] bind9 security update
2013-03-30 15:42:49
centos
centos
bind security update
2013-03-29 00:19:00
bind97 security update
2013-03-28 23:25:41
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:04.bind
2013-04-02 00:00:00
cve
cve
CVE-2013-2494
2022-10-03 16:14:59
rosalinux
rosalinux
Advisory ROSA-SA-2021-1822
2021-07-02 16:37:55
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

8

Confidence

High

EPSS

0.943

Percentile

99.2%

JSON
Related for CVE-2013-2266
nessus34openvas29fedora3prion2veracode1redhat3oraclelinux4slackware2freebsd2debiancve2securityvulns4seebug1f52nvd2cvelist2amazon1ubuntucve2ubuntu1checkpoint_advisories1debian1centos2freebsd_advisory1cve1rosalinux1gentoo1