Vulnerability Description
resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Isc | Bind | 9.6 |
References
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
- https://kb.isc.org/article/AA-00967/PatchVendor Advisory
- https://support.apple.com/kb/HT6536
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html
- https://kb.isc.org/article/AA-00967/PatchVendor Advisory
- https://support.apple.com/kb/HT6536
FAQ
What is CVE-2013-3919?
CVE-2013-3919 is a vulnerability with a CVSS score of 7.8 (HIGH). resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service ...
How severe is CVE-2013-3919?
CVE-2013-3919 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3919?
Check the references section above for vendor advisories and patch information. Affected products include: Isc Bind.