Skip to navigation

CVE Database

CVE-2012-5166

Impact: Important
Public: 2012-10-09
Bugzilla: 864273: CVE-2012-5166 bind: Specially crafted DNS data can cause a lockup in named
IAVA: 2013-A-0179

Details

The MITRE CVE dictionary describes this issue as:

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.

Find out more about CVE-2012-5166 from the MITRE CVE dictionary and NIST NVD.

CVSS v2 metrics

Base Score: 5.0
Base Metrics: AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux ES (v. 4 ELS) (bind) RHSA-2012:1365 October 12, 2012
Red Hat Enterprise Linux version 5 (bind) RHSA-2012:1363 October 12, 2012
Red Hat Enterprise Linux version 5 (bind97) RHSA-2012:1364 October 12, 2012
Red Hat Enterprise Linux version 6 (bind) RHSA-2012:1363 October 12, 2012

External References

https://kb.isc.org/article/AA-00801

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.