CVE-2007-0494
Last modified
CVE-2007-0494 is a vulnerability of currently unknown severity. ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.. EPSS estimates a 43.35% chance of exploitation in the next 30 days.
Description
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Isc | Bind | 9.0 | — |
| Isc | Bind | 9.0.0 | Rc1 |
| Isc | Bind | 9.0.1 | — |
| Isc | Bind | 9.1 | — |
| Isc | Bind | 9.1.0 | Rc1 |
| Isc | Bind | 9.1.1 | — |
| Isc | Bind | 9.1.2 | — |
| Isc | Bind | 9.1.3 | — |
| Isc | Bind | 9.2 | — |
| Isc | Bind | 9.2.0 | — |
| Isc | Bind | 9.2.1 | — |
| Isc | Bind | 9.2.2 | — |
| Isc | Bind | 9.2.3 | — |
| Isc | Bind | 9.2.4 | — |
| Isc | Bind | 9.2.5 | — |
| Isc | Bind | 9.2.6 | — |
| Isc | Bind | 9.3 | — |
| Isc | Bind | 9.3.0 | — |
| Isc | Bind | 9.3.1 | — |
| Isc | Bind | 9.3.2 | — |
| Isc | Bind | 9.4.0 | A1 |
| Isc | Bind | 9.5.0 | A1 |
References
- http://secunia.com/advisories/23904Patch, Vendor Advisory
- http://secunia.com/advisories/23924Vendor Advisory
- http://secunia.com/advisories/23943Vendor Advisory
- http://secunia.com/advisories/23944Vendor Advisory
- http://secunia.com/advisories/23972Vendor Advisory
- http://secunia.com/advisories/23974Vendor Advisory
- http://secunia.com/advisories/23977Vendor Advisory
- http://secunia.com/advisories/24014Vendor Advisory
- http://secunia.com/advisories/24048Vendor Advisory
- http://secunia.com/advisories/24054Vendor Advisory
- http://secunia.com/advisories/24083Vendor Advisory
- http://secunia.com/advisories/24129Vendor Advisory
- http://secunia.com/advisories/24203Vendor Advisory
- http://secunia.com/advisories/24648Vendor Advisory
- http://secunia.com/advisories/24930Vendor Advisory
- http://secunia.com/advisories/24950Vendor Advisory
- http://secunia.com/advisories/25402Vendor Advisory
- http://secunia.com/advisories/23904Patch, Vendor Advisory
- http://secunia.com/advisories/23924Vendor Advisory
- http://secunia.com/advisories/23943Vendor Advisory
- http://secunia.com/advisories/23944Vendor Advisory
- http://secunia.com/advisories/23972Vendor Advisory
- http://secunia.com/advisories/23974Vendor Advisory
- http://secunia.com/advisories/23977Vendor Advisory
- http://secunia.com/advisories/24014Vendor Advisory
- http://secunia.com/advisories/24048Vendor Advisory
- http://secunia.com/advisories/24054Vendor Advisory
- http://secunia.com/advisories/24083Vendor Advisory
- http://secunia.com/advisories/24129Vendor Advisory
- http://secunia.com/advisories/24203Vendor Advisory
- http://secunia.com/advisories/24648Vendor Advisory
- http://secunia.com/advisories/24930Vendor Advisory
- http://secunia.com/advisories/24950Vendor Advisory
- http://secunia.com/advisories/25402Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-0494?
How severe is CVE-2007-0494?
How do I fix CVE-2007-0494?
Are you affected by CVE-2007-0494?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST