Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2009-4022

Published: Nov 25, 2009 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
2.6 MODERATE
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2009-4022
CWEhttps://cwe.mitre.org/data/definitions/.html

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO), aka Bug 20438.

Affected Software

Name Vendor Start Version End Version
Bind Isc 9.0 (including) 9.0 (including)
Bind Isc 9.0.0-rc1 (including) 9.0.0-rc1 (including)
Bind Isc 9.0.0-rc2 (including) 9.0.0-rc2 (including)
Bind Isc 9.0.0-rc3 (including) 9.0.0-rc3 (including)
Bind Isc 9.0.0-rc4 (including) 9.0.0-rc4 (including)
Bind Isc 9.0.0-rc5 (including) 9.0.0-rc5 (including)
Bind Isc 9.0.0-rc6 (including) 9.0.0-rc6 (including)
Bind Isc 9.0.1 (including) 9.0.1 (including)
Bind Isc 9.0.1-rc1 (including) 9.0.1-rc1 (including)
Bind Isc 9.0.1-rc2 (including) 9.0.1-rc2 (including)
Bind Isc 9.1 (including) 9.1 (including)
Bind Isc 9.1.0-rc1 (including) 9.1.0-rc1 (including)
Bind Isc 9.1.1 (including) 9.1.1 (including)
Bind Isc 9.1.1-rc1 (including) 9.1.1-rc1 (including)
Bind Isc 9.1.1-rc2 (including) 9.1.1-rc2 (including)
Bind Isc 9.1.1-rc3 (including) 9.1.1-rc3 (including)
Bind Isc 9.1.1-rc4 (including) 9.1.1-rc4 (including)
Bind Isc 9.1.1-rc5 (including) 9.1.1-rc5 (including)
Bind Isc 9.1.1-rc6 (including) 9.1.1-rc6 (including)
Bind Isc 9.1.1-rc7 (including) 9.1.1-rc7 (including)
Bind Isc 9.1.2 (including) 9.1.2 (including)
Bind Isc 9.1.2-rc1 (including) 9.1.2-rc1 (including)
Bind Isc 9.1.3 (including) 9.1.3 (including)
Bind Isc 9.1.3-rc1 (including) 9.1.3-rc1 (including)
Bind Isc 9.1.3-rc2 (including) 9.1.3-rc2 (including)
Bind Isc 9.1.3-rc3 (including) 9.1.3-rc3 (including)
Bind Isc 9.2 (including) 9.2 (including)
Bind Isc 9.2.0 (including) 9.2.0 (including)
Bind Isc 9.2.0-a1 (including) 9.2.0-a1 (including)
Bind Isc 9.2.0-a2 (including) 9.2.0-a2 (including)
Bind Isc 9.2.0-a3 (including) 9.2.0-a3 (including)
Bind Isc 9.2.0-b1 (including) 9.2.0-b1 (including)
Bind Isc 9.2.0-b2 (including) 9.2.0-b2 (including)
Bind Isc 9.2.0-rc1 (including) 9.2.0-rc1 (including)
Bind Isc 9.2.0-rc10 (including) 9.2.0-rc10 (including)
Bind Isc 9.2.0-rc2 (including) 9.2.0-rc2 (including)
Bind Isc 9.2.0-rc3 (including) 9.2.0-rc3 (including)
Bind Isc 9.2.0-rc4 (including) 9.2.0-rc4 (including)
Bind Isc 9.2.0-rc5 (including) 9.2.0-rc5 (including)
Bind Isc 9.2.0-rc6 (including) 9.2.0-rc6 (including)
Bind Isc 9.2.0-rc7 (including) 9.2.0-rc7 (including)
Bind Isc 9.2.0-rc8 (including) 9.2.0-rc8 (including)
Bind Isc 9.2.0-rc9 (including) 9.2.0-rc9 (including)
Bind Isc 9.2.1 (including) 9.2.1 (including)
Bind Isc 9.2.1-rc1 (including) 9.2.1-rc1 (including)
Bind Isc 9.2.1-rc2 (including) 9.2.1-rc2 (including)
Bind Isc 9.2.2 (including) 9.2.2 (including)
Bind Isc 9.2.2-p2 (including) 9.2.2-p2 (including)
Bind Isc 9.2.2-p3 (including) 9.2.2-p3 (including)
Bind Isc 9.2.2-rc1 (including) 9.2.2-rc1 (including)
Bind Isc 9.2.3 (including) 9.2.3 (including)
Bind Isc 9.2.3-rc1 (including) 9.2.3-rc1 (including)
Bind Isc 9.2.3-rc2 (including) 9.2.3-rc2 (including)
Bind Isc 9.2.3-rc3 (including) 9.2.3-rc3 (including)
Bind Isc 9.2.3-rc4 (including) 9.2.3-rc4 (including)
Bind Isc 9.2.4 (including) 9.2.4 (including)
Bind Isc 9.2.4-rc2 (including) 9.2.4-rc2 (including)
Bind Isc 9.2.4-rc3 (including) 9.2.4-rc3 (including)
Bind Isc 9.2.4-rc4 (including) 9.2.4-rc4 (including)
Bind Isc 9.2.4-rc5 (including) 9.2.4-rc5 (including)
Bind Isc 9.2.4-rc6 (including) 9.2.4-rc6 (including)
Bind Isc 9.2.4-rc7 (including) 9.2.4-rc7 (including)
Bind Isc 9.2.4-rc8 (including) 9.2.4-rc8 (including)
Bind Isc 9.2.5 (including) 9.2.5 (including)
Bind Isc 9.2.5-b2 (including) 9.2.5-b2 (including)
Bind Isc 9.2.5-rc1 (including) 9.2.5-rc1 (including)
Bind Isc 9.2.6 (including) 9.2.6 (including)
Bind Isc 9.2.6-rc1 (including) 9.2.6-rc1 (including)
Bind Isc 9.2.7 (including) 9.2.7 (including)
Bind Isc 9.2.7-rc1 (including) 9.2.7-rc1 (including)
Bind Isc 9.2.7-rc2 (including) 9.2.7-rc2 (including)
Bind Isc 9.2.7-rc3 (including) 9.2.7-rc3 (including)
Bind Isc 9.2.8 (including) 9.2.8 (including)
Bind Isc 9.2.9 (including) 9.2.9 (including)
Bind Isc 9.2.9-rc1 (including) 9.2.9-rc1 (including)
Bind Isc 9.3 (including) 9.3 (including)
Bind Isc 9.3.0 (including) 9.3.0 (including)
Bind Isc 9.3.0-b2 (including) 9.3.0-b2 (including)
Bind Isc 9.3.0-b3 (including) 9.3.0-b3 (including)
Bind Isc 9.3.0-b4 (including) 9.3.0-b4 (including)
Bind Isc 9.3.0-rc1 (including) 9.3.0-rc1 (including)
Bind Isc 9.3.0-rc2 (including) 9.3.0-rc2 (including)
Bind Isc 9.3.0-rc3 (including) 9.3.0-rc3 (including)
Bind Isc 9.3.0-rc4 (including) 9.3.0-rc4 (including)
Bind Isc 9.3.1 (including) 9.3.1 (including)
Bind Isc 9.3.1-b2 (including) 9.3.1-b2 (including)
Bind Isc 9.3.1-rc1 (including) 9.3.1-rc1 (including)
Bind Isc 9.3.2 (including) 9.3.2 (including)
Bind Isc 9.3.2-rc1 (including) 9.3.2-rc1 (including)
Bind Isc 9.3.3 (including) 9.3.3 (including)
Bind Isc 9.3.3-rc1 (including) 9.3.3-rc1 (including)
Bind Isc 9.3.3-rc2 (including) 9.3.3-rc2 (including)
Bind Isc 9.3.3-rc3 (including) 9.3.3-rc3 (including)
Bind Isc 9.3.4 (including) 9.3.4 (including)
Bind Isc 9.3.5 (including) 9.3.5 (including)
Bind Isc 9.3.5-rc1 (including) 9.3.5-rc1 (including)
Bind Isc 9.3.5-rc2 (including) 9.3.5-rc2 (including)
Bind Isc 9.3.6 (including) 9.3.6 (including)
Bind Isc 9.3.6-rc1 (including) 9.3.6-rc1 (including)
Bind Isc 9.4.0 (including) 9.4.0 (including)
Bind Isc 9.4.0-a1 (including) 9.4.0-a1 (including)
Bind Isc 9.4.0-a2 (including) 9.4.0-a2 (including)
Bind Isc 9.4.0-a3 (including) 9.4.0-a3 (including)
Bind Isc 9.4.0-a4 (including) 9.4.0-a4 (including)
Bind Isc 9.4.0-a5 (including) 9.4.0-a5 (including)
Bind Isc 9.4.0-a6 (including) 9.4.0-a6 (including)
Bind Isc 9.4.0-b1 (including) 9.4.0-b1 (including)
Bind Isc 9.4.0-b2 (including) 9.4.0-b2 (including)
Bind Isc 9.4.0-b3 (including) 9.4.0-b3 (including)
Bind Isc 9.4.0-b4 (including) 9.4.0-b4 (including)
Bind Isc 9.4.0-rc1 (including) 9.4.0-rc1 (including)
Bind Isc 9.4.0-rc2 (including) 9.4.0-rc2 (including)
Bind Isc 9.4.1 (including) 9.4.1 (including)
Bind Isc 9.4.2 (including) 9.4.2 (including)
Bind Isc 9.4.2-rc1 (including) 9.4.2-rc1 (including)
Bind Isc 9.4.2-rc2 (including) 9.4.2-rc2 (including)
Bind Isc 9.4.3 (including) 9.4.3 (including)
Bind Isc 9.4.3-b1 (including) 9.4.3-b1 (including)
Bind Isc 9.4.3-b2 (including) 9.4.3-b2 (including)
Bind Isc 9.4.3-b3 (including) 9.4.3-b3 (including)
Bind Isc 9.4.3-p1 (including) 9.4.3-p1 (including)
Bind Isc 9.4.3-p2 (including) 9.4.3-p2 (including)
Bind Isc 9.4.3-p3 (including) 9.4.3-p3 (including)
Bind Isc 9.4.3-rc1 (including) 9.4.3-rc1 (including)
Bind Isc 9.5.0 (including) 9.5.0 (including)
Bind Isc 9.5.0-a1 (including) 9.5.0-a1 (including)
Bind Isc 9.5.0-a2 (including) 9.5.0-a2 (including)
Bind Isc 9.5.0-a3 (including) 9.5.0-a3 (including)
Bind Isc 9.5.0-a4 (including) 9.5.0-a4 (including)
Bind Isc 9.5.0-a5 (including) 9.5.0-a5 (including)
Bind Isc 9.5.0-a6 (including) 9.5.0-a6 (including)
Bind Isc 9.5.0-a7 (including) 9.5.0-a7 (including)
Bind Isc 9.5.0-b1 (including) 9.5.0-b1 (including)
Bind Isc 9.5.0-b2 (including) 9.5.0-b2 (including)
Bind Isc 9.5.0-b3 (including) 9.5.0-b3 (including)
Bind Isc 9.5.0-p1 (including) 9.5.0-p1 (including)
Bind Isc 9.5.0-p2 (including) 9.5.0-p2 (including)
Bind Isc 9.5.0-p2_w1 (including) 9.5.0-p2_w1 (including)
Bind Isc 9.5.0-p2_w2 (including) 9.5.0-p2_w2 (including)
Bind Isc 9.5.0-rc1 (including) 9.5.0-rc1 (including)
Bind Isc 9.5.1 (including) 9.5.1 (including)
Bind Isc 9.5.1-b1 (including) 9.5.1-b1 (including)
Bind Isc 9.5.1-b2 (including) 9.5.1-b2 (including)
Bind Isc 9.5.1-b3 (including) 9.5.1-b3 (including)
Bind Isc 9.5.1-rc1 (including) 9.5.1-rc1 (including)
Bind Isc 9.5.1-rc2 (including) 9.5.1-rc2 (including)
Bind Isc 9.5.2 (including) 9.5.2 (including)
Bind Isc 9.5.2-b1 (including) 9.5.2-b1 (including)
Bind Isc 9.5.2-rc1 (including) 9.5.2-rc1 (including)
Bind Isc 9.6.0 (including) 9.6.0 (including)
Bind Isc 9.6.0-a1 (including) 9.6.0-a1 (including)
Bind Isc 9.6.0-b1 (including) 9.6.0-b1 (including)
Bind Isc 9.6.0-p1 (including) 9.6.0-p1 (including)
Bind Isc 9.6.0-rc1 (including) 9.6.0-rc1 (including)
Bind Isc 9.6.0-rc2 (including) 9.6.0-rc2 (including)
Bind Isc 9.6.1 (including) 9.6.1 (including)
Bind Isc 9.6.1-b1 (including) 9.6.1-b1 (including)
Bind Isc 9.6.1-p1 (including) 9.6.1-p1 (including)
Bind Isc 9.6.1-rc1 (including) 9.6.1-rc1 (including)
Bind Isc 9.7.0 (including) 9.7.0 (including)
Bind Isc 9.7.0-a1 (including) 9.7.0-a1 (including)
Bind Isc 9.7.0-a2 (including) 9.7.0-a2 (including)
Bind Isc 9.7.0-a3 (including) 9.7.0-a3 (including)
Bind Isc 9.7.0-b1 (including) 9.7.0-b1 (including)
Bind Isc 9.7.0-b2 (including) 9.7.0-b2 (including)
Bind Isc 9.7.0-b3 (including) 9.7.0-b3 (including)
Bind Isc 9.7.0-p1 (including) 9.7.0-p1 (including)
Bind Isc 9.7.0-rc1 (including) 9.7.0-rc1 (including)
Bind Isc 9.7.0-rc2 (including) 9.7.0-rc2 (including)
Red Hat Enterprise Linux 5 RedHat bind-30:9.3.6-4.P1.el5_4.1 *
Bind Ubuntu dapper *
Bind9 Ubuntu dapper *
Bind9 Ubuntu hardy *
Bind9 Ubuntu intrepid *
Bind9 Ubuntu jaunty *
Bind9 Ubuntu karmic *
Bind9 Ubuntu upstream *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use