Vulnerability-Lookup

CVE-2014-8500 (GCVE-0-2014-8500)

Vulnerability from cvelistv5 – Published: 2014-12-11 02:00 – Updated: 2024-08-06 13:18

Summary

ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142180687100892&w=2	vendor-advisoryx_refsource_HP
	http://security.gentoo.org/glsa/glsa-201502-03.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/62122	third-party-advisoryx_refsource_SECUNIA
	http://ftp.netbsd.org/pub/NetBSD/security/advisor…	vendor-advisoryx_refsource_NETBSD
	https://kb.isc.org/article/AA-01216/	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://lists.opensuse.org/opensuse-updates/2015-0…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/62064	third-party-advisoryx_refsource_SECUNIA
	http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/…	x_refsource_MISC
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://www.debian.org/security/2014/dsa-3094	vendor-advisoryx_refsource_DEBIAN
	http://securitytracker.com/id?1031311	vdb-entryx_refsource_SECTRACK
	http://advisories.mageia.org/MGASA-2014-0524.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.kb.cert.org/vuls/id/264212	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/71590	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://ubuntu.com/usn/usn-2437-1	vendor-advisoryx_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=144000632319155&w=2	vendor-advisoryx_refsource_HP
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://rhn.redhat.com/errata/RHSA-2016-0078.html	vendor-advisoryx_refsource_REDHAT
	https://support.apple.com/HT205219	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=142180687100892&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=144000632319155&w=2	vendor-advisoryx_refsource_HP
	https://security.netapp.com/advisory/ntap-2019073…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:18:48.302Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "HPSBUX03235",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
          },
          {
            "name": "GLSA-201502-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
          },
          {
            "name": "62122",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62122"
          },
          {
            "name": "NetBSD-SA2015-002",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/article/AA-01216/"
          },
          {
            "name": "MDVSA-2015:165",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
          },
          {
            "name": "openSUSE-SU-2015:1250",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
          },
          {
            "name": "SUSE-SU-2015:0480",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
          },
          {
            "name": "62064",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62064"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
          },
          {
            "name": "DSA-3094",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3094"
          },
          {
            "name": "1031311",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1031311"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
          },
          {
            "name": "SUSE-SU-2015:0488",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
          },
          {
            "name": "VU#264212",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/264212"
          },
          {
            "name": "71590",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/71590"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "name": "SUSE-SU-2015:0096",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
          },
          {
            "name": "SUSE-SU-2015:0011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
          },
          {
            "name": "USN-2437-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-2437-1"
          },
          {
            "name": "HPSBUX03400",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
          },
          {
            "name": "APPLE-SA-2015-09-16-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
          },
          {
            "name": "RHSA-2016:0078",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205219"
          },
          {
            "name": "SSRT101750",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
          },
          {
            "name": "SSRT102211",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-30T17:06:10.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "HPSBUX03235",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
        },
        {
          "name": "GLSA-201502-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
        },
        {
          "name": "62122",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62122"
        },
        {
          "name": "NetBSD-SA2015-002",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.isc.org/article/AA-01216/"
        },
        {
          "name": "MDVSA-2015:165",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
        },
        {
          "name": "openSUSE-SU-2015:1250",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
        },
        {
          "name": "SUSE-SU-2015:0480",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
        },
        {
          "name": "62064",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62064"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
        },
        {
          "name": "DSA-3094",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3094"
        },
        {
          "name": "1031311",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1031311"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
        },
        {
          "name": "SUSE-SU-2015:0488",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
        },
        {
          "name": "VU#264212",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/264212"
        },
        {
          "name": "71590",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/71590"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
        },
        {
          "name": "SUSE-SU-2015:0096",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
        },
        {
          "name": "SUSE-SU-2015:0011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
        },
        {
          "name": "USN-2437-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-2437-1"
        },
        {
          "name": "HPSBUX03400",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
        },
        {
          "name": "APPLE-SA-2015-09-16-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
        },
        {
          "name": "RHSA-2016:0078",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205219"
        },
        {
          "name": "SSRT101750",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
        },
        {
          "name": "SSRT102211",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8500",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "HPSBUX03235",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
            },
            {
              "name": "GLSA-201502-03",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
            },
            {
              "name": "62122",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62122"
            },
            {
              "name": "NetBSD-SA2015-002",
              "refsource": "NETBSD",
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
            },
            {
              "name": "https://kb.isc.org/article/AA-01216/",
              "refsource": "CONFIRM",
              "url": "https://kb.isc.org/article/AA-01216/"
            },
            {
              "name": "MDVSA-2015:165",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
            },
            {
              "name": "openSUSE-SU-2015:1250",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
            },
            {
              "name": "SUSE-SU-2015:0480",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
            },
            {
              "name": "62064",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62064"
            },
            {
              "name": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html",
              "refsource": "MISC",
              "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
            },
            {
              "name": "DSA-3094",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-3094"
            },
            {
              "name": "1031311",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1031311"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0524.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
            },
            {
              "name": "SUSE-SU-2015:0488",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
            },
            {
              "name": "VU#264212",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/264212"
            },
            {
              "name": "71590",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/71590"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
            },
            {
              "name": "SUSE-SU-2015:0096",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
            },
            {
              "name": "SUSE-SU-2015:0011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
            },
            {
              "name": "USN-2437-1",
              "refsource": "UBUNTU",
              "url": "http://ubuntu.com/usn/usn-2437-1"
            },
            {
              "name": "HPSBUX03400",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
            },
            {
              "name": "APPLE-SA-2015-09-16-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
            },
            {
              "name": "RHSA-2016:0078",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
            },
            {
              "name": "https://support.apple.com/HT205219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205219"
            },
            {
              "name": "SSRT101750",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
            },
            {
              "name": "SSRT102211",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190730-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-8500",
    "datePublished": "2014-12-11T02:00:00.000Z",
    "dateReserved": "2014-10-28T00:00:00.000Z",
    "dateUpdated": "2024-08-06T13:18:48.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2015-AVI-146

Vulnerability from certfr_avis - Published: 2015-04-13 - Updated: 2015-04-13

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper NSM versions antérieures à 2012.2R12
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3R9
Juniper Networks	N/A	Juniper CTPOS versions antérieures à 6.6R5
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.2X50-D70
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 11.4R12
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.2X51-D30
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3R7
Juniper Networks	N/A	Juniper NSM versions antérieures à 2012.2R11
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3R10
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.2R6
Juniper Networks	N/A	Juniper CTPView versions antérieures à 7.1R1
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.3R6
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 14.2R1
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.3X48-D10
Juniper Networks	N/A	Juniper CTPOS versions antérieures à 7.0R4
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 14.1X53-D10
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.1X46-D35
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.1X47-D25
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 14.1R5
Juniper Networks	N/A	Juniper CTPOS versions antérieures à 7.1R1
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.1X44-D50
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.3R5
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.2X52-D15
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 14.1R3
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 14.2R3
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.2R8
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 12.2R9
Juniper Networks	Junos OS	Juniper Junos OS versions antérieures à 13.1X50-D30
Juniper Networks	N/A	Juniper IDP OS versions antérieures à 5.1r4

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10679 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10676 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10673 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10672 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10680 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10677 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10678 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10675 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10674 du 07 avril 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper NSM versions ant\u00e9rieures \u00e0 2012.2R12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 6.6R5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.2X50-D70",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 11.4R12",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2X51-D30",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R7",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper NSM versions ant\u00e9rieures \u00e0 2012.2R11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2R6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper CTPView versions ant\u00e9rieures \u00e0 7.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.3R6",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 7.0R4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D10",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D35",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X47-D25",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 7.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X44-D50",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.3R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2X52-D15",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.2R3",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2R8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.2R9",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.1X50-D30",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper IDP OS versions ant\u00e9rieures \u00e0 5.1r4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-0208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0208"
    },
    {
      "name": "CVE-2015-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
    },
    {
      "name": "CVE-2014-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3571"
    },
    {
      "name": "CVE-2015-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0286"
    },
    {
      "name": "CVE-2015-3002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3002"
    },
    {
      "name": "CVE-2014-3570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3570"
    },
    {
      "name": "CVE-2015-3004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3004"
    },
    {
      "name": "CVE-2009-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
    },
    {
      "name": "CVE-2015-0288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0288"
    },
    {
      "name": "CVE-2015-0206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0206"
    },
    {
      "name": "CVE-2015-0290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0290"
    },
    {
      "name": "CVE-2014-6271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6271"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2011-0539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0539"
    },
    {
      "name": "CVE-2015-0207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0207"
    },
    {
      "name": "CVE-2010-4478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4478"
    },
    {
      "name": "CVE-2015-0285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0285"
    },
    {
      "name": "CVE-2014-4478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4478"
    },
    {
      "name": "CVE-2015-3003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3003"
    },
    {
      "name": "CVE-2012-0814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0814"
    },
    {
      "name": "CVE-2015-0204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0204"
    },
    {
      "name": "CVE-2015-0293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0293"
    },
    {
      "name": "CVE-2015-0287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0287"
    },
    {
      "name": "CVE-2015-1787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1787"
    },
    {
      "name": "CVE-2014-8275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8275"
    },
    {
      "name": "CVE-2015-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0205"
    },
    {
      "name": "CVE-2015-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0209"
    },
    {
      "name": "CVE-2015-0291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0291"
    },
    {
      "name": "CVE-2015-0289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0289"
    },
    {
      "name": "CVE-2014-3572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3572"
    },
    {
      "name": "CVE-2014-3569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3569"
    },
    {
      "name": "CVE-2015-3005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3005"
    },
    {
      "name": "CVE-2014-8500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8500"
    },
    {
      "name": "CVE-2012-2131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
    },
    {
      "name": "CVE-2015-3006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3006"
    }
  ],
  "initial_release_date": "2015-04-13T00:00:00",
  "last_revision_date": "2015-04-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2015-AVI-146",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10679 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10676 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10673 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10672 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10672"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10680 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10680"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10677 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10677"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10678 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10678"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10675 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10675"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10674 du 07 avril 2015",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10674"
    }
  ]
}

CERTFR-2015-AVI-394

Vulnerability from certfr_avis - Published: 2015-09-18 - Updated: 2015-09-18

De multiples vulnérabilités ont été corrigées dans Apple OS X Server. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple OS X Server version antérieure à 5.0.3

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT205219 du 16 septembre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple OS X Server version ant\u00e9rieure \u00e0 5.0.3\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-1349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1349"
    },
    {
      "name": "CVE-2015-3165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3165"
    },
    {
      "name": "CVE-2015-3183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
    },
    {
      "name": "CVE-2014-3583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3583"
    },
    {
      "name": "CVE-2014-3581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3581"
    },
    {
      "name": "CVE-2015-5911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5911"
    },
    {
      "name": "CVE-2014-0067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0067"
    },
    {
      "name": "CVE-2015-0241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0241"
    },
    {
      "name": "CVE-2015-3167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3167"
    },
    {
      "name": "CVE-2015-3185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185"
    },
    {
      "name": "CVE-2015-0243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0243"
    },
    {
      "name": "CVE-2015-0244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0244"
    },
    {
      "name": "CVE-2015-3166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3166"
    },
    {
      "name": "CVE-2013-5704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5704"
    },
    {
      "name": "CVE-2015-0228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0228"
    },
    {
      "name": "CVE-2014-8161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8161"
    },
    {
      "name": "CVE-2015-0242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0242"
    },
    {
      "name": "CVE-2015-0253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0253"
    },
    {
      "name": "CVE-2014-8109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8109"
    },
    {
      "name": "CVE-2014-8500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8500"
    }
  ],
  "initial_release_date": "2015-09-18T00:00:00",
  "last_revision_date": "2015-09-18T00:00:00",
  "links": [],
  "reference": "CERTFR-2015-AVI-394",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-09-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApple OS X Server\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple OS X Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT205219 du 16 septembre 2015",
      "url": "https://support.apple.com/fr-fr/HT205219"
    }
  ]
}

GSD-2014-8500

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-8500

Aliases

CVE-2014-8500

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-8500",
    "description": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.",
    "id": "GSD-2014-8500",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-8500.html",
      "https://www.debian.org/security/2014/dsa-3094",
      "https://access.redhat.com/errata/RHSA-2016:0078",
      "https://access.redhat.com/errata/RHSA-2014:1985",
      "https://access.redhat.com/errata/RHSA-2014:1984",
      "https://ubuntu.com/security/CVE-2014-8500",
      "https://advisories.mageia.org/CVE-2014-8500.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2014-8500.html",
      "https://linux.oracle.com/cve/CVE-2014-8500.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-8500"
      ],
      "details": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.",
      "id": "GSD-2014-8500",
      "modified": "2023-12-13T01:22:48.932636Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-8500",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "HPSBUX03235",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
          },
          {
            "name": "GLSA-201502-03",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
          },
          {
            "name": "62122",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62122"
          },
          {
            "name": "NetBSD-SA2015-002",
            "refsource": "NETBSD",
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
          },
          {
            "name": "https://kb.isc.org/article/AA-01216/",
            "refsource": "CONFIRM",
            "url": "https://kb.isc.org/article/AA-01216/"
          },
          {
            "name": "MDVSA-2015:165",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
          },
          {
            "name": "openSUSE-SU-2015:1250",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
          },
          {
            "name": "SUSE-SU-2015:0480",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
          },
          {
            "name": "62064",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62064"
          },
          {
            "name": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html",
            "refsource": "MISC",
            "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
          },
          {
            "name": "DSA-3094",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2014/dsa-3094"
          },
          {
            "name": "1031311",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1031311"
          },
          {
            "name": "http://advisories.mageia.org/MGASA-2014-0524.html",
            "refsource": "CONFIRM",
            "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
          },
          {
            "name": "SUSE-SU-2015:0488",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
          },
          {
            "name": "VU#264212",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/264212"
          },
          {
            "name": "71590",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/71590"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "name": "SUSE-SU-2015:0096",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
          },
          {
            "name": "SUSE-SU-2015:0011",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
          },
          {
            "name": "USN-2437-1",
            "refsource": "UBUNTU",
            "url": "http://ubuntu.com/usn/usn-2437-1"
          },
          {
            "name": "HPSBUX03400",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
          },
          {
            "name": "APPLE-SA-2015-09-16-4",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
          },
          {
            "name": "RHSA-2016:0078",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
          },
          {
            "name": "https://support.apple.com/HT205219",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT205219"
          },
          {
            "name": "SSRT101750",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
          },
          {
            "name": "SSRT102211",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20190730-0002/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-8500"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-2437-1",
              "refsource": "UBUNTU",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://ubuntu.com/usn/usn-2437-1"
            },
            {
              "name": "https://kb.isc.org/article/AA-01216/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.isc.org/article/AA-01216/"
            },
            {
              "name": "1031311",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1031311"
            },
            {
              "name": "DSA-3094",
              "refsource": "DEBIAN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2014/dsa-3094"
            },
            {
              "name": "71590",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/71590"
            },
            {
              "name": "VU#264212",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/264212"
            },
            {
              "name": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
            },
            {
              "name": "GLSA-201502-03",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
            },
            {
              "name": "SUSE-SU-2015:0096",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
            },
            {
              "name": "SUSE-SU-2015:0011",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
            },
            {
              "name": "SSRT101750",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
            },
            {
              "name": "SUSE-SU-2015:0488",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:0480",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2014-0524.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
            },
            {
              "name": "MDVSA-2015:165",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
            },
            {
              "name": "https://support.apple.com/HT205219",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.apple.com/HT205219"
            },
            {
              "name": "APPLE-SA-2015-09-16-4",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
            },
            {
              "name": "SSRT102211",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
            },
            {
              "name": "RHSA-2016:0078",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
            },
            {
              "name": "openSUSE-SU-2015:1250",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
            },
            {
              "name": "62122",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/62122"
            },
            {
              "name": "62064",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/62064"
            },
            {
              "name": "NetBSD-SA2015-002",
              "refsource": "NETBSD",
              "tags": [],
              "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190730-0002/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-01-03T02:59Z",
      "publishedDate": "2014-12-11T02:59Z"
    }
  }
}

FKIE_CVE-2014-8500

Vulnerability from fkie_nvd - Published: 2014-12-11 02:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://advisories.mageia.org/MGASA-2014-0524.html
cve@mitre.org	http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html	Vendor Advisory
cve@mitre.org	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10676
cve@mitre.org	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=142180687100892&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=144000632319155&w=2
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-0078.html
cve@mitre.org	http://secunia.com/advisories/62064
cve@mitre.org	http://secunia.com/advisories/62122
cve@mitre.org	http://security.gentoo.org/glsa/glsa-201502-03.xml
cve@mitre.org	http://securitytracker.com/id?1031311
cve@mitre.org	http://ubuntu.com/usn/usn-2437-1	Patch, Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2014/dsa-3094	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/264212	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2015:165
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
cve@mitre.org	http://www.securityfocus.com/bid/71590
cve@mitre.org	https://kb.isc.org/article/AA-01216/	Vendor Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20190730-0002/
cve@mitre.org	https://support.apple.com/HT205219
af854a3a-2127-422b-91ae-364da2661108	http://advisories.mageia.org/MGASA-2014-0524.html
af854a3a-2127-422b-91ae-364da2661108	http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10676
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=142180687100892&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=144000632319155&w=2
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-0078.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62064
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62122
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201502-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1031311
af854a3a-2127-422b-91ae-364da2661108	http://ubuntu.com/usn/usn-2437-1	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-3094	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/264212	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2015:165
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/71590
af854a3a-2127-422b-91ae-364da2661108	https://kb.isc.org/article/AA-01216/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20190730-0002/
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT205219

Impacted products

Vendor	Product	Version
isc	bind	9.0
isc	bind	9.0.1
isc	bind	9.1
isc	bind	9.1.1
isc	bind	9.1.2
isc	bind	9.1.3
isc	bind	9.2
isc	bind	9.2.0
isc	bind	9.2.1
isc	bind	9.2.2
isc	bind	9.2.3
isc	bind	9.2.4
isc	bind	9.2.5
isc	bind	9.2.6
isc	bind	9.2.7
isc	bind	9.2.8
isc	bind	9.2.9
isc	bind	9.3
isc	bind	9.3.0
isc	bind	9.3.1
isc	bind	9.3.2
isc	bind	9.3.3
isc	bind	9.3.4
isc	bind	9.3.5
isc	bind	9.3.6
isc	bind	9.4
isc	bind	9.4.0
isc	bind	9.4.1
isc	bind	9.4.2
isc	bind	9.4.3
isc	bind	9.5
isc	bind	9.5.0
isc	bind	9.5.1
isc	bind	9.5.2
isc	bind	9.5.3
isc	bind	9.6.0
isc	bind	9.6.1
isc	bind	9.6.2
isc	bind	9.6.3
isc	bind	9.7.0
isc	bind	9.7.1
isc	bind	9.7.2
isc	bind	9.7.3
isc	bind	9.7.4
isc	bind	9.7.5
isc	bind	9.7.6
isc	bind	9.7.7
isc	bind	9.8.0
isc	bind	9.8.1
isc	bind	9.8.2
isc	bind	9.8.3
isc	bind	9.8.4
isc	bind	9.8.5
isc	bind	9.8.6
isc	bind	9.9.0
isc	bind	9.9.1
isc	bind	9.9.2
isc	bind	9.9.3
isc	bind	9.9.4
isc	bind	9.9.5
isc	bind	9.9.6
isc	bind	9.10.0
isc	bind	9.10.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52373DC-3E05-424B-9C78-4092A75C75A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "098633E6-88F0-4DBC-986F-D11EDA29877F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1861756C-CC81-4EAB-8427-57A3C62BFF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDD642FC-1764-4090-A32D-830CEAE69E53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE954FD0-56AF-4757-BAA8-B0C64703F6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF891263-4ACE-47C3-83F3-C06E49F32451",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F947835-8E96-4793-B81E-EEC103BF0CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6520F4-B203-400A-8629-8A40B739DB11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AF07E87-B109-4B15-A358-7A454502E077",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "614C9459-D526-4880-AE03-4A1558CB941F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CFA05CD-0BE4-4E85-A3DE-8B3E2622159F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D43375C5-0736-43DE-99B5-B75719D0AD0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4360536-0BA6-41DB-AA87-45AFB51562CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "438AEC8C-DD71-4A25-9E9D-A89415F7EC83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDF6B08-6BA8-400C-BF01-ABD2306FE0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3014690C-784C-487D-A378-4B977C8460E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "90E4653A-C63A-4568-BFF2-ECAB7AB5A55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA93166-513D-40AA-9855-FC89060BA03C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "847C1017-F964-4A33-BEA8-DDB202DD0FB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B0D8854-64B6-42C9-B4D2-B2AF16AC0F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F95086-3107-4C38-BB3B-7BABA9BD15C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE49740-2220-4305-BB8A-80E56CF4D9E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B579EF-A538-4AA4-BDE8-CDB39E155A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "23BFA179-11A1-436D-805A-9814B85AEEB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "01CA8370-ACF5-4DEC-8D3C-C502A97A101C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C8B18D7-4D15-46A7-8013-E6267127A427",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D7C7524-6943-4D94-8835-0221F0F0CD63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "916D4013-27A5-4688-A985-A9B77F90AC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8583B8D-54A4-4064-810B-34F4F5A33A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E01A12DF-E94B-426E-8751-96FC56105D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A944178-032B-4637-842D-BC6B227043A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32CEF8AD-9EE7-4ADA-888E-883751962529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F592D0F-095C-4F3B-97E7-E92C259D0CD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4449E90-2112-4860-A981-66639B9318ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B9707CD-5410-4254-B44C-A0B80D4FDCB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F42F7AF7-D37C-4213-B2BC-D2B9FE725BDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BEF53C6-E555-49D4-B4B2-63BA71CC77E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC25639-482D-4574-B43B-497DDD8998B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BCD66DB-383B-4BB7-8C00-E073C4F788F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B178BB5-A0DC-4014-A8CC-D89B0E2F9789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC642B5-ACA4-4764-A9F2-3C87D5D8E9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "881B8C5B-8A66-45AC-85E6-758B8A8153BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "423211E8-A08B-4254-977A-1917AED9B794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1BC4C7-F72B-43DB-B729-018360F4B281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BC43BF9-5C34-4DF1-846A-E416DE9C7DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D13D4E84-04EB-4843-A1C4-E3265D1DAC00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC599FF2-080F-4545-BA31-6F431AA558AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A340FC79-76D3-477B-AAB1-2873819C52B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "59428551-218B-4C32-982F-DCDC894E2954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD318FF1-320B-4311-AF7E-988C023B4938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDCC8861-0655-4180-A083-1516AC441A3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D233F4-FF9C-454D-903A-D0F42F70F3D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B96B87-F18C-41EF-9A37-7D0842433A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A3798A1-134C-4066-A012-10C15F103EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7EF7BF7-6997-43F3-9AEF-DF0907A3E139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D70CEA-5694-47C4-B30A-660DCEFC3BDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7944FAC9-AF75-4FDF-B8CE-7D2ED56B8BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "92ECA27E-4248-49BD-A84C-4854CCA19AC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "16EB6777-8E49-4B07-B859-06D0C2F29DC8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals."
    },
    {
      "lang": "es",
      "value": "ISC BIND 9.0.x hasta 9.8.x, 9.9.0 hasta 9.9.6, y 9.10.0 hasta 9.10.1 no limita el encadenamiento de la delegaci\u00f3n, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda del nombrado) a trav\u00e9s de un n\u00famero grande o infinito de referencias."
    }
  ],
  "id": "CVE-2014-8500",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-11T02:59:00.077",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62064"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62122"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1031311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://ubuntu.com/usn/usn-2437-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3094"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/264212"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/71590"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.isc.org/article/AA-01216/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.apple.com/HT205219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1031311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://ubuntu.com/usn/usn-2437-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2014/dsa-3094"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/264212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/71590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.isc.org/article/AA-01216/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20190730-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT205219"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-QCV9-4M2R-585W

Vulnerability from github – Published: 2022-05-17 03:11 – Updated: 2025-04-12 12:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-8500"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-11T02:59:00Z",
    "severity": "HIGH"
  },
  "details": "ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.",
  "id": "GHSA-qcv9-4m2r-585w",
  "modified": "2025-04-12T12:42:55Z",
  "published": "2022-05-17T03:11:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8500"
    },
    {
      "type": "WEB",
      "url": "https://kb.isc.org/article/AA-01216"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20190730-0002"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT205219"
    },
    {
      "type": "WEB",
      "url": "http://advisories.mageia.org/MGASA-2014-0524.html"
    },
    {
      "type": "WEB",
      "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html"
    },
    {
      "type": "WEB",
      "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=142180687100892\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=144000632319155\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0078.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62064"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62122"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201502-03.xml"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1031311"
    },
    {
      "type": "WEB",
      "url": "http://ubuntu.com/usn/usn-2437-1"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2014/dsa-3094"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/264212"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:165"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/71590"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-8500 (GCVE-0-2014-8500)

CERTFR-2015-AVI-146

Solution

CERTFR-2015-AVI-394

Solution

GSD-2014-8500

FKIE_CVE-2014-8500

GHSA-QCV9-4M2R-585W

Tags

Sightings

Nomenclature