The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bind | Isc | 9.6 (including) | 9.6 (including) |
| Bind | Isc | 9.6-r5_p1 (including) | 9.6-r5_p1 (including) |
| Bind | Isc | 9.6-r6_b1 (including) | 9.6-r6_b1 (including) |
| Bind | Isc | 9.6-r6_rc1 (including) | 9.6-r6_rc1 (including) |
| Bind | Isc | 9.6-r6_rc2 (including) | 9.6-r6_rc2 (including) |
| Bind | Isc | 9.6-r7_p1 (including) | 9.6-r7_p1 (including) |
| Bind | Isc | 9.6-r7_p2 (including) | 9.6-r7_p2 (including) |
| Bind | Isc | 9.6-r9_p1 (including) | 9.6-r9_p1 (including) |
| Bind | Isc | 9.8.0 (including) | 9.8.0 (including) |
| Bind | Isc | 9.8.0-a1 (including) | 9.8.0-a1 (including) |
| Bind | Isc | 9.8.0-b1 (including) | 9.8.0-b1 (including) |
| Bind | Isc | 9.8.0-p1 (including) | 9.8.0-p1 (including) |
| Bind | Isc | 9.8.0-p2 (including) | 9.8.0-p2 (including) |
| Bind | Isc | 9.8.0-p4 (including) | 9.8.0-p4 (including) |
| Bind | Isc | 9.8.0-rc1 (including) | 9.8.0-rc1 (including) |
| Bind | Isc | 9.8.1 (including) | 9.8.1 (including) |
| Bind | Isc | 9.8.1-b1 (including) | 9.8.1-b1 (including) |
| Bind | Isc | 9.8.1-b2 (including) | 9.8.1-b2 (including) |
| Bind | Isc | 9.8.1-b3 (including) | 9.8.1-b3 (including) |
| Bind | Isc | 9.8.1-p1 (including) | 9.8.1-p1 (including) |
| Bind | Isc | 9.8.1-rc1 (including) | 9.8.1-rc1 (including) |
| Bind | Isc | 9.8.2-b1 (including) | 9.8.2-b1 (including) |
| Bind | Isc | 9.8.2-rc1 (including) | 9.8.2-rc1 (including) |
| Bind | Isc | 9.8.2-rc2 (including) | 9.8.2-rc2 (including) |
| Bind | Isc | 9.8.3 (including) | 9.8.3 (including) |
| Bind | Isc | 9.8.3-p1 (including) | 9.8.3-p1 (including) |
| Bind | Isc | 9.8.3-p2 (including) | 9.8.3-p2 (including) |
| Bind | Isc | 9.8.4 (including) | 9.8.4 (including) |
| Bind | Isc | 9.8.5 (including) | 9.8.5 (including) |
| Bind | Isc | 9.8.5-b1 (including) | 9.8.5-b1 (including) |
| Bind | Isc | 9.8.5-b2 (including) | 9.8.5-b2 (including) |
| Bind | Isc | 9.8.5-p1 (including) | 9.8.5-p1 (including) |
| Bind | Isc | 9.8.5-p2 (including) | 9.8.5-p2 (including) |
| Bind | Isc | 9.8.5-rc1 (including) | 9.8.5-rc1 (including) |
| Bind | Isc | 9.8.5-rc2 (including) | 9.8.5-rc2 (including) |
| Bind | Isc | 9.8.6-b1 (including) | 9.8.6-b1 (including) |
| Bind | Isc | 9.9.0 (including) | 9.9.0 (including) |
| Bind | Isc | 9.9.0-a1 (including) | 9.9.0-a1 (including) |
| Bind | Isc | 9.9.0-a2 (including) | 9.9.0-a2 (including) |
| Bind | Isc | 9.9.0-a3 (including) | 9.9.0-a3 (including) |
| Bind | Isc | 9.9.0-b1 (including) | 9.9.0-b1 (including) |
| Bind | Isc | 9.9.0-b2 (including) | 9.9.0-b2 (including) |
| Bind | Isc | 9.9.0-rc1 (including) | 9.9.0-rc1 (including) |
| Bind | Isc | 9.9.0-rc2 (including) | 9.9.0-rc2 (including) |
| Bind | Isc | 9.9.0-rc3 (including) | 9.9.0-rc3 (including) |
| Bind | Isc | 9.9.0-rc4 (including) | 9.9.0-rc4 (including) |
| Bind | Isc | 9.9.1 (including) | 9.9.1 (including) |
| Bind | Isc | 9.9.1-p1 (including) | 9.9.1-p1 (including) |
| Bind | Isc | 9.9.1-p2 (including) | 9.9.1-p2 (including) |
| Bind | Isc | 9.9.2 (including) | 9.9.2 (including) |
| Bind | Isc | 9.9.3 (including) | 9.9.3 (including) |
| Bind | Isc | 9.9.3-b1 (including) | 9.9.3-b1 (including) |
| Bind | Isc | 9.9.3-b2 (including) | 9.9.3-b2 (including) |
| Bind | Isc | 9.9.3-p1 (including) | 9.9.3-p1 (including) |
| Bind | Isc | 9.9.3-p2 (including) | 9.9.3-p2 (including) |
| Bind | Isc | 9.9.3-rc1 (including) | 9.9.3-rc1 (including) |
| Bind | Isc | 9.9.3-rc2 (including) | 9.9.3-rc2 (including) |
| Bind | Isc | 9.9.4-b1 (including) | 9.9.4-b1 (including) |