fkie_cve-2002-2211
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
References
cve@mitre.orghttp://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html
cve@mitre.orghttp://secunia.com/advisories/20217Vendor Advisory
cve@mitre.orghttp://www.imconf.net/imw-2002/imw2002-papers/198.pdf
cve@mitre.orghttp://www.kb.cert.org/vuls/id/457875US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/IAFY-5FDPYP
cve@mitre.orghttp://www.kb.cert.org/vuls/id/IAFY-5FDT4U
cve@mitre.orghttp://www.kb.cert.org/vuls/id/IAFY-5FZSLQ
cve@mitre.orghttp://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.htmlPatch
cve@mitre.orghttp://www.securityfocus.com/archive/1/434523/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/434523/100/0/threaded
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1923
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20217Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.imconf.net/imw-2002/imw2002-papers/198.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/457875US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/IAFY-5FDPYP
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/IAFY-5FDT4U
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ
af854a3a-2127-422b-91ae-364da2661108http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434523/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/434523/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1923
Impacted products
Vendor Product Version
isc bind 4.9
isc bind 4.9.2
isc bind 4.9.3
isc bind 4.9.4
isc bind 4.9.5
isc bind 4.9.5
isc bind 4.9.6
isc bind 4.9.7
isc bind 4.9.8
isc bind 4.9.9
isc bind 4.9.10
isc bind 8.2
isc bind 8.2.1
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.2
isc bind 8.2.3
isc bind 8.2.4
isc bind 8.2.5
isc bind 8.2.6
isc bind 8.2.7
isc bind 8.3.0
isc bind 8.3.1
isc bind 8.3.2
isc bind 8.3.3
isc bind 8.3.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A7C6F2-F769-447A-8C8B-9002BD6FBF6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E820DA7-FF69-48AD-B031-3C583EFE3679",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C41E69-3034-4E30-A99E-A2C3EE9AE337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "262EFABD-8349-4C34-8653-39767923C2DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB7F1274-7E0E-40C8-8006-ACFDBE757D35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.5:p1:*:*:*:*:*:*",
              "matchCriteriaId": "F96CB4CD-5044-4A08-A6BE-1201C4141851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8257C916-6F4D-4B7E-8EED-B2789B3B35AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B959A2AB-703C-4354-8E23-809D2D13EC06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0064E411-C26F-4831-B7C4-63E2E1EF98DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "982BB8D9-F396-4D99-A130-A2D8A5E61E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:4.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CEBE5DC-7D81-404C-929A-B92951AADA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52D1DAE0-DB4D-475F-B11B-29AA3A00DB60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93BB48F5-A635-402E-AE7F-B8AB90ED0C70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FE281A-610F-42CA-B741-53F2D70A3F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "BBBF703F-D43B-4C29-8AFB-DDDB51CDEF7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "BEED8045-CEA2-4EBE-A864-22D1B6103F53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p3:*:*:*:*:*:*",
              "matchCriteriaId": "C3B798F1-769E-4DBE-B99D-BFEA5F9B4DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p4:*:*:*:*:*:*",
              "matchCriteriaId": "64C3DB3B-4C8E-4647-A61B-ECED4EB63439",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "30D2ACB3-BE6D-4948-AFC3-16EAD173F595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p6:*:*:*:*:*:*",
              "matchCriteriaId": "B3255FB4-D84E-487B-B53A-4EA01D6613A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "A2D4EDEB-E366-4F40-B896-7AF14540A14C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35EE137B-0ED3-47EC-8195-58690F5B252E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "580ADA83-C07B-40DD-B219-CA1908F1087F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9371CBC-192E-44C0-9E0C-A6D61D6C0D83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E01FA3-4CEA-4AF0-973C-C6DA147C6252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C163058-A35D-4F30-B103-8A786FAA75FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79528C86-614D-4B14-9D26-89E0BE6B2AED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AF54438-F56B-4FC1-BCDB-A1A9D75374D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AE8906-AFCF-4ED9-B3E2-D6184F67C485",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1450E5BF-66A0-4096-9775-E31E98C69AAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:8.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE6003AB-39CB-4FE5-830E-022CA71B4784",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods."
    }
  ],
  "id": "CVE-2002-2211",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20217"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.imconf.net/imw-2002/imw2002-papers/198.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/457875"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FDPYP"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FDT4U"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434523/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/434523/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/1923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.imconf.net/imw-2002/imw2002-papers/198.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/457875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FDPYP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FDT4U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434523/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/434523/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1923"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.