Vulnerability Description
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Isc | Bind | 9.8.0 |
| Canonical | Ubuntu Linux | 12.04 |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2012-1549.htmlThird Party Advisory
- http://support.apple.com/kb/HT5880Third Party Advisory
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackThird Party Advisory
- http://www.ubuntu.com/usn/USN-1657-1Third Party Advisory
- https://kb.isc.org/article/AA-00828PatchVendor Advisory
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2012-1549.htmlThird Party Advisory
- http://support.apple.com/kb/HT5880Third Party Advisory
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackThird Party Advisory
- http://www.ubuntu.com/usn/USN-1657-1Third Party Advisory
- https://kb.isc.org/article/AA-00828PatchVendor Advisory
FAQ
What is CVE-2012-5688?
CVE-2012-5688 is a vulnerability with a CVSS score of 7.8 (HIGH). ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
How severe is CVE-2012-5688?
CVE-2012-5688 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5688?
Check the references section above for vendor advisories and patch information. Affected products include: Isc Bind, Canonical Ubuntu Linux.