VAR-201303-0312
Vulnerability from variot - Updated: 2025-12-21 23:12libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. ISC BIND is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. The following are affected: ISC BIND 9.7.x ISC BIND 9.8.0 through versions 9.8.5-b1 ISC BIND 9.9.0 through versions 9.9.3-b1.
For the stable distribution (squeeze), this problem has been fixed in version 1:9.7.3.dfsg-1~squeeze10.
For the testing distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu1.
For the unstable distribution (sid), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu1.
We recommend that you upgrade your bind9 packages.
Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+ patches/packages/dhcp-4.2.5_P1-i486-1_slack14.0.txz: Upgraded. This update replaces the included BIND 9 code that the DHCP programs link against. Those contained a defect that could possibly lead to excessive memory consumption and a denial of service. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/dhcp-4.2.5_P1-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/dhcp-4.2.5_P1-i486-1_slack12.2.tgz
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/dhcp-4.2.5_P1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack14.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcp-4.2.5_P1-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/dhcp-4.2.5_P1-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 12.1 package: c277d6dae778ddf859d3af9584cee23e dhcp-4.2.5_P1-i486-1_slack12.1.tgz
Slackware 12.2 package: 15d244081a57135dfa61b8454209d296 dhcp-4.2.5_P1-i486-1_slack12.2.tgz
Slackware 13.0 package: df6a3c2e39397f80e03a6b4b112bbf25 dhcp-4.2.5_P1-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: dbbdc76cc2bf5054ce15c036f3f4a21f dhcp-4.2.5_P1-x86_64-1_slack13.0.txz
Slackware 13.1 package: 77f1881425fbce4922256b9c2d973f80 dhcp-4.2.5_P1-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: ce4486703ec878a8cf3cd1e6791e61be dhcp-4.2.5_P1-x86_64-1_slack13.1.txz
Slackware 13.37 package: 01a8dde3c944beb5050d0ae6cde11bff dhcp-4.2.5_P1-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 4f74f10dbb95e30b4470cefa66eff96a dhcp-4.2.5_P1-x86_64-1_slack13.37.txz
Slackware 14.0 package: aa2d3985c9ea6ebc6882c96383d62e35 dhcp-4.2.5_P1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 7f75298567f9d6ee252af1389ae9852a dhcp-4.2.5_P1-x86_64-1_slack14.0.txz
Slackware -current package: e92641fe8649aa6d122b72e666e7420b n/dhcp-4.2.5_P1-i486-1.txz
Slackware x86_64 -current package: 2e46a3038527318b06271e11e763dbb9 n/dhcp-4.2.5_P1-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg dhcp-4.2.5_P1-i486-1_slack14.0.txz
Then, restart the dhcp daemon.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. Affects: FreeBSD 8.4-BETA1 and FreeBSD 9.x Corrected: 2013-03-28 05:35:46 UTC (stable/8, 8.4-BETA1) 2013-03-28 05:39:45 UTC (stable/9, 9.1-STABLE) 2013-04-02 17:34:42 UTC (releng/9.0, 9.0-RELEASE-p7) 2013-04-02 17:34:42 UTC (releng/9.1, 9.1-RELEASE-p2) CVE Name: CVE-2013-2266
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . The libdns library is a library of DNS protocol support functions.
II. This affects both recursive and authoritative servers.
III. Impact
A remote attacker can cause the named(8) daemon to consume all available memory and crash, resulting in a denial of service. Applications linked with the libdns library, for instance dig(1), may also be affected.
IV. Workaround
No workaround is available, but systems not running named(8) service and not using base system DNS utilities are not affected.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch
fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch.asc
gpg --verify bind.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
Recompile the operating system using buildworld and installworld as described in .
3) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
Branch/path Revision
stable/8/ r248807 stable/9/ r248808 releng/9.0/ r249029 releng/9.1/ r249029
VII. ============================================================================ Ubuntu Security Notice USN-1783-1 March 29, 2013
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
Bind could be made to consume memory or crash if it received specially crafted network traffic.
Software Description: - bind9: Internet Domain Name Server
Details:
Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. This issue was corrected by disabling RDATA regular expression syntax checking.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: bind9 1:9.8.1.dfsg.P1-4.2ubuntu3.2 libdns81 1:9.8.1.dfsg.P1-4.2ubuntu3.2
Ubuntu 12.04 LTS: bind9 1:9.8.1.dfsg.P1-4ubuntu0.6 libdns81 1:9.8.1.dfsg.P1-4ubuntu0.6
Ubuntu 11.10: bind9 1:9.7.3.dfsg-1ubuntu4.6 libdns69 1:9.7.3.dfsg-1ubuntu4.6
Ubuntu 10.04 LTS: bind9 1:9.7.0.dfsg.P1-1ubuntu0.9 libdns64 1:9.7.0.dfsg.P1-1ubuntu0.9
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-34
http://security.gentoo.org/
Severity: Normal Title: BIND: Denial of Service Date: January 29, 2014 Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016 ID: 201401-34
Synopsis
Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/bind < 9.9.4_p2 >= 9.9.4_p2
Description
Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.4_p2"
References
[ 1 ] CVE-2012-5166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166 [ 2 ] CVE-2012-5688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688 [ 3 ] CVE-2012-5689 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689 [ 4 ] CVE-2013-2266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266 [ 5 ] CVE-2013-3919 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919 [ 6 ] CVE-2013-4854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854 [ 7 ] CVE-2014-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-34.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind97 security update Advisory ID: RHSA-2013:0690-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0690.html Issue date: 2013-03-28 CVE Names: CVE-2013-2266 =====================================================================
- Summary:
Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. (CVE-2013-2266)
Note: This update disables the syntax checking of NAPTR (Naming Authority Pointer) resource records.
All bind97 users are advised to upgrade to these updated packages, which contain a patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
928027 - CVE-2013-2266 bind: libdns regular expressions excessive resource consumption DoS
- Package List:
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind97-9.7.0-17.P2.el5_9.1.src.rpm
i386: bind97-9.7.0-17.P2.el5_9.1.i386.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.i386.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm bind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm bind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm bind97-utils-9.7.0-17.P2.el5_9.1.i386.rpm
x86_64: bind97-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm bind97-devel-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm bind97-libs-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-utils-9.7.0-17.P2.el5_9.1.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind97-9.7.0-17.P2.el5_9.1.src.rpm
i386: bind97-9.7.0-17.P2.el5_9.1.i386.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.i386.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm bind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm bind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm bind97-utils-9.7.0-17.P2.el5_9.1.i386.rpm
ia64: bind97-9.7.0-17.P2.el5_9.1.ia64.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.ia64.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.ia64.rpm bind97-devel-9.7.0-17.P2.el5_9.1.ia64.rpm bind97-libs-9.7.0-17.P2.el5_9.1.ia64.rpm bind97-utils-9.7.0-17.P2.el5_9.1.ia64.rpm
ppc: bind97-9.7.0-17.P2.el5_9.1.ppc.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.ppc.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.ppc.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.ppc64.rpm bind97-devel-9.7.0-17.P2.el5_9.1.ppc.rpm bind97-devel-9.7.0-17.P2.el5_9.1.ppc64.rpm bind97-libs-9.7.0-17.P2.el5_9.1.ppc.rpm bind97-libs-9.7.0-17.P2.el5_9.1.ppc64.rpm bind97-utils-9.7.0-17.P2.el5_9.1.ppc.rpm
s390x: bind97-9.7.0-17.P2.el5_9.1.s390x.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.s390x.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.s390.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.s390x.rpm bind97-devel-9.7.0-17.P2.el5_9.1.s390.rpm bind97-devel-9.7.0-17.P2.el5_9.1.s390x.rpm bind97-libs-9.7.0-17.P2.el5_9.1.s390.rpm bind97-libs-9.7.0-17.P2.el5_9.1.s390x.rpm bind97-utils-9.7.0-17.P2.el5_9.1.s390x.rpm
x86_64: bind97-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-chroot-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm bind97-debuginfo-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm bind97-devel-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm bind97-libs-9.7.0-17.P2.el5_9.1.x86_64.rpm bind97-utils-9.7.0-17.P2.el5_9.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-2266.html https://access.redhat.com/security/updates/classification/#important http://www.isc.org/software/bind/advisories/cve-2013-2266
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFRVMMIXlSAg2UNWIIRAjfEAJ0cm5ty7l/kIT+0ZRMi0FCNrIkYKACdE1dB RIINsXnGUltgGxoL3WgweG8= =O7Zy -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0312",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "eq",
"trust": 1.9,
"vendor": "isc",
"version": "9.8.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.6,
"vendor": "isc",
"version": "9.8.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.8.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.7.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.8.2"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.7.1"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.6,
"vendor": "isc",
"version": "9.7.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "firewall enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.3.1"
},
{
"model": "firewall enterprise 8.2.1p04",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "firewall enterprise 8.2.1p03",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "firewall enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.2.1"
},
{
"model": "firewall enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.1.03"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.8"
},
{
"model": "bind 9.9.3-b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.5-b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7.7"
},
{
"model": "bind 9.7.6-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.6-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.6-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.4b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.7.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.7"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "3.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"model": "bind 9.9.2-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.8.4-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "1.8"
},
{
"model": "enterprise manager",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip wom",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip wom hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wom hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip wom hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip wom hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.80"
},
{
"model": "big-ip webaccelerator",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip webaccelerator hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip webaccelerator hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip webaccelerator hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip webaccelerator hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.5"
},
{
"model": "big-ip psm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip psm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip psm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip psm hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip pem hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.6.1"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"model": "big-ip ltm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip ltm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip ltm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip ltm hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.80"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.2"
},
{
"model": "big-ip link controller hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip link controller hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip link controller hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip link controller hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip link controller hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.2"
},
{
"model": "big-ip gtm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip gtm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip gtm hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip edge gateway hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip edge gateway hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip edge gateway hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip edge gateway hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.80"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "9.2"
},
{
"model": "big-ip asm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip asm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip asm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip asm hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip apm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip apm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip apm hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip apm hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "big-ip analytics hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip analytics hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip analytics hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.0"
},
{
"model": "big-ip analytics hf7",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip afm hf4",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
}
],
"sources": [
{
"db": "BID",
"id": "58736"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matthew Horsfall of Dyn, Inc.",
"sources": [
{
"db": "BID",
"id": "58736"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2266",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-2266",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2266",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-559",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-2266",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. ISC BIND is prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. \nThe following are affected:\nISC BIND 9.7.x\nISC BIND 9.8.0 through versions 9.8.5-b1\nISC BIND 9.9.0 through versions 9.9.3-b1. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:9.7.3.dfsg-1~squeeze10. \n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:9.8.4.dfsg.P1-6+nmu1. \n\nWe recommend that you upgrade your bind9 packages. \n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n+--------------------------+\npatches/packages/dhcp-4.2.5_P1-i486-1_slack14.0.txz: Upgraded. \n This update replaces the included BIND 9 code that the DHCP programs\n link against. Those contained a defect that could possibly lead to\n excessive memory consumption and a denial of service. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/dhcp-4.2.5_P1-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/dhcp-4.2.5_P1-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/dhcp-4.2.5_P1-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/dhcp-4.2.5_P1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/dhcp-4.2.5_P1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dhcp-4.2.5_P1-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/dhcp-4.2.5_P1-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 12.1 package:\nc277d6dae778ddf859d3af9584cee23e dhcp-4.2.5_P1-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n15d244081a57135dfa61b8454209d296 dhcp-4.2.5_P1-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\ndf6a3c2e39397f80e03a6b4b112bbf25 dhcp-4.2.5_P1-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\ndbbdc76cc2bf5054ce15c036f3f4a21f dhcp-4.2.5_P1-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n77f1881425fbce4922256b9c2d973f80 dhcp-4.2.5_P1-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\nce4486703ec878a8cf3cd1e6791e61be dhcp-4.2.5_P1-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n01a8dde3c944beb5050d0ae6cde11bff dhcp-4.2.5_P1-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n4f74f10dbb95e30b4470cefa66eff96a dhcp-4.2.5_P1-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\naa2d3985c9ea6ebc6882c96383d62e35 dhcp-4.2.5_P1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n7f75298567f9d6ee252af1389ae9852a dhcp-4.2.5_P1-x86_64-1_slack14.0.txz\n\nSlackware -current package:\ne92641fe8649aa6d122b72e666e7420b n/dhcp-4.2.5_P1-i486-1.txz\n\nSlackware x86_64 -current package:\n2e46a3038527318b06271e11e763dbb9 n/dhcp-4.2.5_P1-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg dhcp-4.2.5_P1-i486-1_slack14.0.txz\n\nThen, restart the dhcp daemon. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. \nAffects: FreeBSD 8.4-BETA1 and FreeBSD 9.x\nCorrected: 2013-03-28 05:35:46 UTC (stable/8, 8.4-BETA1)\n 2013-03-28 05:39:45 UTC (stable/9, 9.1-STABLE)\n 2013-04-02 17:34:42 UTC (releng/9.0, 9.0-RELEASE-p7)\n 2013-04-02 17:34:42 UTC (releng/9.1, 9.1-RELEASE-p2)\nCVE Name: CVE-2013-2266\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. The libdns\nlibrary is a library of DNS protocol support functions. \n\nII. This\naffects both recursive and authoritative servers. \n\nIII. Impact\n\nA remote attacker can cause the named(8) daemon to consume all available\nmemory and crash, resulting in a denial of service. Applications linked\nwith the libdns library, for instance dig(1), may also be affected. \n\nIV. Workaround\n\nNo workaround is available, but systems not running named(8) service\nand not using base system DNS utilities are not affected. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch\n# fetch http://security.FreeBSD.org/patches/SA-13:04/bind.patch.asc\n# gpg --verify bind.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nRecompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\n3) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/8/ r248807\nstable/9/ r248808\nreleng/9.0/ r249029\nreleng/9.1/ r249029\n- -------------------------------------------------------------------------\n\nVII. ============================================================================\nUbuntu Security Notice USN-1783-1\nMarch 29, 2013\n\nbind9 vulnerability\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nBind could be made to consume memory or crash if it received specially\ncrafted network traffic. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nMatthew Horsfall discovered that Bind incorrectly handled regular\nexpression checking. This issue was corrected by disabling RDATA regular expression\nsyntax checking. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n bind9 1:9.8.1.dfsg.P1-4.2ubuntu3.2\n libdns81 1:9.8.1.dfsg.P1-4.2ubuntu3.2\n\nUbuntu 12.04 LTS:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.6\n libdns81 1:9.8.1.dfsg.P1-4ubuntu0.6\n\nUbuntu 11.10:\n bind9 1:9.7.3.dfsg-1ubuntu4.6\n libdns69 1:9.7.3.dfsg-1ubuntu4.6\n\nUbuntu 10.04 LTS:\n bind9 1:9.7.0.dfsg.P1-1ubuntu0.9\n libdns64 1:9.7.0.dfsg.P1-1ubuntu0.9\n\nIn general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-34\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: BIND: Denial of Service\n Date: January 29, 2014\n Bugs: #437828, #446094, #453974, #463497, #478316, #483208, #498016\n ID: 201401-34\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in BIND, possibly resulting in\nDenial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/bind \u003c 9.9.4_p2 \u003e= 9.9.4_p2\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in BIND. Please review\nthe CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll BIND users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/bind-9.9.4_p2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2012-5166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5166\n[ 2 ] CVE-2012-5688\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688\n[ 3 ] CVE-2012-5689\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5689\n[ 4 ] CVE-2013-2266\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2266\n[ 5 ] CVE-2013-3919\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3919\n[ 6 ] CVE-2013-4854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4854\n[ 7 ] CVE-2014-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0591\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-34.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind97 security update\nAdvisory ID: RHSA-2013:0690-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0690.html\nIssue date: 2013-03-28\nCVE Names: CVE-2013-2266 \n=====================================================================\n\n1. Summary:\n\nUpdated bind97 packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server (named); a\nresolver library (routines for applications to use when interfacing with\nDNS); and tools for verifying that the DNS server is operating correctly. \n\nA denial of service flaw was found in the libdns library. A remote attacker\ncould use this flaw to send a specially-crafted DNS query to named that,\nwhen processed, would cause named to use an excessive amount of memory, or\npossibly crash. (CVE-2013-2266)\n\nNote: This update disables the syntax checking of NAPTR (Naming Authority\nPointer) resource records. \n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a patch to correct this issue. After installing the update, the\nBIND daemon (named) will be restarted automatically. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n928027 - CVE-2013-2266 bind: libdns regular expressions excessive resource consumption DoS\n\n6. Package List:\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind97-9.7.0-17.P2.el5_9.1.src.rpm\n\ni386:\nbind97-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.i386.rpm\n\nx86_64:\nbind97-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind97-9.7.0-17.P2.el5_9.1.src.rpm\n\ni386:\nbind97-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.i386.rpm\n\nia64:\nbind97-9.7.0-17.P2.el5_9.1.ia64.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.ia64.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.ia64.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.ia64.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.ia64.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.ia64.rpm\n\nppc:\nbind97-9.7.0-17.P2.el5_9.1.ppc.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.ppc.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.ppc.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.ppc64.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.ppc.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.ppc64.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.ppc.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.ppc64.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.ppc.rpm\n\ns390x:\nbind97-9.7.0-17.P2.el5_9.1.s390x.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.s390x.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.s390.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.s390x.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.s390.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.s390x.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.s390.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.s390x.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.s390x.rpm\n\nx86_64:\nbind97-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-chroot-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-debuginfo-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-devel-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.i386.rpm\nbind97-libs-9.7.0-17.P2.el5_9.1.x86_64.rpm\nbind97-utils-9.7.0-17.P2.el5_9.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-2266.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.isc.org/software/bind/advisories/cve-2013-2266\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRVMMIXlSAg2UNWIIRAjfEAJ0cm5ty7l/kIT+0ZRMi0FCNrIkYKACdE1dB\nRIINsXnGUltgGxoL3WgweG8=\n=O7Zy\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2266"
},
{
"db": "BID",
"id": "58736"
},
{
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"db": "PACKETSTORM",
"id": "121028"
},
{
"db": "PACKETSTORM",
"id": "120973"
},
{
"db": "PACKETSTORM",
"id": "120977"
},
{
"db": "PACKETSTORM",
"id": "121059"
},
{
"db": "PACKETSTORM",
"id": "121017"
},
{
"db": "PACKETSTORM",
"id": "124979"
},
{
"db": "PACKETSTORM",
"id": "121002"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2266",
"trust": 2.7
},
{
"db": "ISC",
"id": "AA-00871",
"trust": 1.9
},
{
"db": "ISC",
"id": "AA-00879",
"trust": 1.7
},
{
"db": "BID",
"id": "58736",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "52782",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2013-2266",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121028",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120977",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121017",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124979",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121002",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"db": "BID",
"id": "58736"
},
{
"db": "PACKETSTORM",
"id": "121028"
},
{
"db": "PACKETSTORM",
"id": "120973"
},
{
"db": "PACKETSTORM",
"id": "120977"
},
{
"db": "PACKETSTORM",
"id": "121059"
},
{
"db": "PACKETSTORM",
"id": "121017"
},
{
"db": "PACKETSTORM",
"id": "124979"
},
{
"db": "PACKETSTORM",
"id": "121002"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"id": "VAR-201303-0312",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.452548188
},
"last_update_date": "2025-12-21T23:12:11.452000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: bind97 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130690 - Security Advisory"
},
{
"title": "Red Hat: Important: bind security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20130689 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2013-2266",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ce9346ea3ea8bc38b5a8f240aadc63ad"
},
{
"title": "Debian Security Advisories: DSA-2656-1 bind9 -- denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2301cf18a199518ef55a5962b8bf2d8f"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1783-1"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2012-5689",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4c4483f2e7e7c504072dc3dc6ef8958d"
},
{
"title": "Amazon Linux AMI: ALAS-2013-176",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-176"
},
{
"title": "Red Hat: CVE-2013-2266",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2013-2266"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2266"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.isc.org/software/bind/advisories/cve-2013-2266"
},
{
"trust": 1.7,
"url": "https://kb.isc.org/article/aa-00879/"
},
{
"trust": 1.7,
"url": "https://kb.isc.org/article/aa-00871/"
},
{
"trust": 1.4,
"url": "http://support.apple.com/kb/ht5880"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0690.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-1783-1"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0689.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2013/dsa-2656"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=136804614120794\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-april/101603.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-april/101500.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/58736"
},
{
"trust": 1.1,
"url": "http://linux.oracle.com/errata/elsa-2014-1244"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19579"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2266"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52782"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100171618"
},
{
"trust": 0.3,
"url": "msg://bugtraq/201304021804.r32i4b2i046008@freefall.freebsd.org"
},
{
"trust": 0.3,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken\u0026javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta"
},
{
"trust": 0.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=kb77902"
},
{
"trust": 0.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14386.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2266"
},
{
"trust": 0.2,
"url": "http://slackware.com"
},
{
"trust": 0.2,
"url": "http://osuosl.org)"
},
{
"trust": 0.2,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.2,
"url": "https://kb.isc.org/article/aa-00871"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2013:0690"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28730"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1783-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2013-2266"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-13:04/bind.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-13:04.bind.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-13:04/bind.patch"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.p1-1ubuntu0.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4.2ubuntu3.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.7.3.dfsg-1ubuntu4.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.p1-4ubuntu0.6"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3919"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-3919"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5688"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5689"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201401-34.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5688"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2266"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0591"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5689"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2266.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"db": "BID",
"id": "58736"
},
{
"db": "PACKETSTORM",
"id": "121028"
},
{
"db": "PACKETSTORM",
"id": "120973"
},
{
"db": "PACKETSTORM",
"id": "120977"
},
{
"db": "PACKETSTORM",
"id": "121059"
},
{
"db": "PACKETSTORM",
"id": "121017"
},
{
"db": "PACKETSTORM",
"id": "124979"
},
{
"db": "PACKETSTORM",
"id": "121002"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"db": "BID",
"id": "58736"
},
{
"db": "PACKETSTORM",
"id": "121028"
},
{
"db": "PACKETSTORM",
"id": "120973"
},
{
"db": "PACKETSTORM",
"id": "120977"
},
{
"db": "PACKETSTORM",
"id": "121059"
},
{
"db": "PACKETSTORM",
"id": "121017"
},
{
"db": "PACKETSTORM",
"id": "124979"
},
{
"db": "PACKETSTORM",
"id": "121002"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-28T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"date": "2013-03-26T00:00:00",
"db": "BID",
"id": "58736"
},
{
"date": "2013-03-31T19:22:00",
"db": "PACKETSTORM",
"id": "121028"
},
{
"date": "2013-03-27T14:16:03",
"db": "PACKETSTORM",
"id": "120973"
},
{
"date": "2013-03-28T02:08:54",
"db": "PACKETSTORM",
"id": "120977"
},
{
"date": "2013-04-03T18:22:22",
"db": "PACKETSTORM",
"id": "121059"
},
{
"date": "2013-03-30T01:53:40",
"db": "PACKETSTORM",
"id": "121017"
},
{
"date": "2014-01-30T01:18:39",
"db": "PACKETSTORM",
"id": "124979"
},
{
"date": "2013-03-29T01:47:27",
"db": "PACKETSTORM",
"id": "121002"
},
{
"date": "2013-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"date": "2013-03-28T16:55:01.040000",
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2266"
},
{
"date": "2015-04-13T21:48:00",
"db": "BID",
"id": "58736"
},
{
"date": "2013-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-559"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-2266"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "121028"
},
{
"db": "PACKETSTORM",
"id": "121017"
},
{
"db": "PACKETSTORM",
"id": "121002"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND Regular Expression Handling Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-559"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.