HIGH · 7.8

CVE-2013-4854

Vulnerability Description

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE

Affected Products

Vendor | Product | Versions
Isc | Bind | 9.7.0
Suse | Suse Linux Enterprise Software Development Kit | 11.0
Novell | Suse Linux | 11
Isc | Dnsco Bind | 9.9.3
Opensuse | Opensuse | 11.4
Freebsd | Freebsd | 8.0
Mandriva | Business Server | 1.0
Mandriva | Enterprise Server | 5.0
Redhat | Enterprise Linux | 5
Fedoraproject | Fedora | 18
Hp | Hp-Ux | b.11.31
Slackware | Slackware Linux | 12.1

References

FAQ

What is CVE-2013-4854?

CVE-2013-4854 is a vulnerability with a CVSS score of 7.8 (HIGH). The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remot...

How severe is CVE-2013-4854?

CVE-2013-4854 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-4854?

Check the references section above for vendor advisories and patch information. Affected products include: Isc Bind, Suse Suse Linux Enterprise Software Development Kit, Novell Suse Linux, Isc Dnsco Bind, Opensuse Opensuse.