CVE-2012-5689

ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.

Published: Jan 25, 2013
Updated: Apr 13, 2023
CVE: CVE-2012-5689
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
isc / bind	9.9.0-rc2	9.9.0-rc2.x
isc / bind	9.9.0-a3	9.9.0-a3.x
isc / bind	9.9.0-a1	9.9.0-a1.x
isc / bind	9.9.0	9.9.0.x
isc / bind	9.9.0-rc3	9.9.0-rc3.x
isc / bind	9.9.0-a2	9.9.0-a2.x
isc / bind	9.9.0-b1	9.9.0-b1.x
isc / bind	9.9.1-p2	9.9.1-p2.x
isc / bind	9.9.0-rc1	9.9.0-rc1.x
isc / bind	9.9.1	9.9.1.x
isc / bind	9.9.0-b2	9.9.0-b2.x
isc / bind	9.9.0-rc4	9.9.0-rc4.x
isc / bind	9.9.1-p1	9.9.1-p1.x
isc / bind	9.9.2	9.9.2.x
redhat / enterprise_linux_hpc_node	6.0	6.0.x
redhat / enterprise_linux_server_eus	6.4.z	6.4.z.x
redhat / enterprise_linux_server_aus	6.4	6.4.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
isc / bind	9.8.4	9.8.4.x
isc / bind	9.8.1-b2	9.8.1-b2.x
isc / bind	9.8.3	9.8.3.x
isc / bind	9.8.2-b1	9.8.2-b1.x
isc / bind	9.8.1	9.8.1.x
isc / bind	9.8.3-p2	9.8.3-p2.x
isc / bind	9.8.0-a1	9.8.0-a1.x
isc / bind	9.8.0-p4	9.8.0-p4.x
isc / bind	9.8.0-rc1	9.8.0-rc1.x
isc / bind	9.8.2-rc1	9.8.2-rc1.x
isc / bind	9.8.1-rc1	9.8.1-rc1.x
isc / bind	9.8.1-b3	9.8.1-b3.x
isc / bind	9.8.0-p1	9.8.0-p1.x
isc / bind	9.8.2-rc2	9.8.2-rc2.x
isc / bind	9.8.0-p2	9.8.0-p2.x
isc / bind	9.8.1-b1	9.8.1-b1.x
isc / bind	9.8.3-p1	9.8.3-p1.x
isc / bind	9.8.0-b1	9.8.0-b1.x
isc / bind	9.8.1-p1	9.8.1-p1.x
isc / bind	9.8.0	9.8.0.x
canonical / ubuntu_linux	12.04	12.04.x
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	15.04	15.04.x

Vulnerability Database

289,599

CVE-2012-5689