// For flags

CVE-2013-3919

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.

resolver.c en ISC BIND 9.8.5 anterior a 9.8.5-P1, 9.9.3 anterior a 9.9.3-P1, y 9.6-ESV-R9 anterior a 9.6-ESV-R9-P1, cuando un "resolver" está configurado como recursivo, permite a atacantes remotos provocar una denegación de servicio (fallo de declaración y salida del demonio "named") a través de una petición para un registro en una zona mal formada.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-06-04 CVE Reserved
  • 2013-06-06 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.6
Search vendor "Isc" for product "Bind" and version "9.6"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.8.5
Search vendor "Isc" for product "Bind" and version "9.8.5"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.9.3
Search vendor "Isc" for product "Bind" and version "9.9.3"
-
Affected