CVE-2013-4854

Description

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

7.8

CVSS

Severity: High

CVSS 2.0 •

EPSS 70.64% Top 5%

Vendor Advisory fedoraproject.org Vendor Advisory hp.com Vendor Advisory neohapsis.com Vendor Advisory mandriva.com Vendor Advisory freebsd.org Vendor Advisory fedoraproject.org Vendor Advisory opensuse.org Vendor Advisory redhat.com Vendor Advisory opensuse.org Vendor Advisory ubuntu.com Vendor Advisory debian.org Vendor Advisory redhat.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory secunia.com Vendor Advisory isc.org Vendor Advisory isc.org

Affected: n/a n/a

References

Link	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html	vendor advisory
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396	vendor advisory
https://kb.isc.org/article/AA-01015	vendor advisory
http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html	vendor advisory
http://secunia.com/advisories/54134	third party advisory vendor advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:202	vendor advisory
http://linux.oracle.com/errata/ELSA-2014-1244
http://secunia.com/advisories/54185	third party advisory vendor advisory
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc	vendor advisory
https://kb.isc.org/article/AA-01016	vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561	vdb entry signature
https://kc.mcafee.com/corporate/index?page=content&id=SB10052
http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html	vendor advisory
http://secunia.com/advisories/54207	third party advisory vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html	vendor advisory
https://support.apple.com/kb/HT6536
https://exchange.xforce.ibmcloud.com/vulnerabilities/86004	vdb entry
http://www.zerodayinitiative.com/advisories/ZDI-13-210/
http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html	mailing list
http://rhn.redhat.com/errata/RHSA-2013-1114.html	vendor advisory
http://www.securityfocus.com/bid/61479	vdb entry
http://secunia.com/advisories/54323	third party advisory vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html	vendor advisory
http://secunia.com/advisories/54211	third party advisory vendor advisory
http://www.ubuntu.com/usn/USN-1910-1	vendor advisory
http://www.debian.org/security/2013/dsa-2728	vendor advisory
http://www.securitytracker.com/id/1028838	vdb entry
http://rhn.redhat.com/errata/RHSA-2013-1115.html	vendor advisory
http://secunia.com/advisories/54432	third party advisory vendor advisory

Frequently Asked Questions

What is the severity of CVE-2013-4854?: CVE-2013-4854 has been scored as a high severity vulnerability.
How to fix CVE-2013-4854?: To fix CVE-2013-4854, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2013-4854 being actively exploited in the wild?: It is possible that CVE-2013-4854 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~71% probability that this vulnerability will be exploited by malicious actors in the next 30 days.