Advisory Details

August 13th, 2013

ISC BIND rdata Denial Of Service Vulnerability

ZDI-13-210
ZDI-CAN-1911

CVE ID CVE-2013-4854
CVSS SCORE 7.8, (AV:N/AC:L/Au:N/C:N/I:N/A:C)
AFFECTED VENDORS ISC
AFFECTED PRODUCTS BIND
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 13117. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS


This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of ISC BIND. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of an rdata section with a length that is less than four. The issue lies in the creation of an error message when an invalid message class is specified. An attacker can leverage this vulnerability to crash a remote instance of ISC BIND.

ADDITIONAL DETAILS ISC has issued an update to correct this vulnerability. More details can be found at:
https://kb.isc.org/article/AA-01015/0/CVE-2013-4854%3A-A-specially-crafted-query-can-cause-BIND-to-terminate-abnormally.html
DISCLOSURE TIMELINE
  • 2013-07-15 - Vulnerability reported to vendor
  • 2013-08-13 - Coordinated public release of advisory
CREDIT Maxim Shudrak
BACK TO ADVISORIES