Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-1221

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

  • Published: Nov 29, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-1221
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
isc / bind 8.2 8.2.x
isc / bind 8.1 8.1.x
isc / bind 8.2.1 8.2.1.x
isc / bind 8.2.5 8.2.5.x
isc / bind 8.3.1 8.3.1.x
isc / bind 8.3.2 8.3.2.x
isc / bind 8.1.2 8.1.2.x
isc / bind 8.2.2 8.2.2.x
isc / bind 8.2.4 8.2.4.x
isc / bind 8.2.6 8.2.6.x
isc / bind 8.3.0 8.3.0.x
isc / bind 8.3.3 8.3.3.x
isc / bind 8.1.1 8.1.1.x
isc / bind 8.2.3 8.2.3.x
openbsd / openbsd 3.1 3.1.x
freebsd / freebsd 4.5 4.5.x
freebsd / freebsd 4.7 4.7.x
freebsd / freebsd 4.4 4.4.x
openbsd / openbsd 3.2 3.2.x
openbsd / openbsd 3.0 3.0.x
freebsd / freebsd 4.6 4.6.x