Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-4022
Description:Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
Test IDs: 1.3.6.1.4.1.25623.1.0.66677   1.3.6.1.4.1.25623.1.0.66781   1.3.6.1.4.1.25623.1.0.66661   1.3.6.1.4.1.25623.1.0.66459   1.3.6.1.4.1.25623.1.0.66755   1.3.6.1.4.1.25623.1.0.66463   1.3.6.1.4.1.25623.1.0.66761   1.3.6.1.4.1.25623.1.0.66615   1.3.6.1.4.1.25623.1.0.100362   1.3.6.1.4.1.25623.1.0.66596   1.3.6.1.4.1.25623.1.0.66373   1.3.6.1.4.1.25623.1.0.66328   1.3.6.1.4.1.25623.1.0.66349   1.3.6.1.4.1.25623.1.0.66319   1.3.6.1.4.1.25623.1.0.66461   1.3.6.1.4.1.25623.1.0.66327   1.3.6.1.4.1.25623.1.0.122415   1.3.6.1.4.1.25623.1.0.122397   1.3.6.1.4.1.25623.1.0.880687   1.3.6.1.4.1.25623.1.0.880604  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-4022
AIX APAR: IZ68597
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597
AIX APAR: IZ71667
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667
AIX APAR: IZ71774
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BugTraq ID: 37118
http://www.securityfocus.com/bid/37118
CERT/CC vulnerability note: VU#418861
http://www.kb.cert.org/vuls/id/418861
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304
http://www.openwall.com/lists/oss-security/2009/11/24/2
http://www.openwall.com/lists/oss-security/2009/11/24/8
http://www.openwall.com/lists/oss-security/2009/11/24/1
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://osvdb.org/60493
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459
RedHat Security Advisories: RHSA-2009:1620
http://www.redhat.com/support/errata/RHSA-2009-1620.html
http://secunia.com/advisories/37426
http://secunia.com/advisories/37491
http://secunia.com/advisories/38219
http://secunia.com/advisories/38240
http://secunia.com/advisories/38794
http://secunia.com/advisories/38834
http://secunia.com/advisories/39334
http://secunia.com/advisories/40730
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
http://www.ubuntu.com/usn/USN-888-1
http://www.vupen.com/english/advisories/2009/3335
http://www.vupen.com/english/advisories/2010/0176
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2010/0622
XForce ISS Database: bind-dnssec-cache-poisoning(54416)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54416




© 1998-2024 E-Soft Inc. All rights reserved.