Buffer overflow in bind (Alpine package)

1) Buffer overflow

EUVDB-ID: #VU31840

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2013-2266

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.

Mitigation

Install update from vendor's website.

Vulnerable software versions

bind (Alpine package): 9.8.4_p1-r0

CPE2.3

• cpe:2.3:o:alpine:bind_alpine_package:9.8.4_p1-r0:*:*:*:*:alpine_linux:*:

External links

http://git.alpinelinux.org/aports/commit/?id=0c5e0d00df59b2541ef41d9f3e71c027a90f133f
http://git.alpinelinux.org/aports/commit/?id=9b0b82c823658f1d013745367024b3738cb6dde5
http://git.alpinelinux.org/aports/commit/?id=a0bc4b15b88992e54c16e8525b60c7f9cf85103f
http://git.alpinelinux.org/aports/commit/?id=a6af71174ca370366c6e103f464a26bbc117d621
http://git.alpinelinux.org/aports/commit/?id=17f105dd292281d4e6fb5176e4a0f4d1685c6ac3
http://git.alpinelinux.org/aports/commit/?id=7f993b4a85561913269fcb1ff3c9958b7f77e03a
http://git.alpinelinux.org/aports/commit/?id=553c4c1c782e1a41aef14bd549565cc9f4ce1af8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.