CVE-2013-4854: High severity isc bind 9 vulnerability

Published Jul 26, 2013
·
Updated

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

Affected Software

109 affected components
ISC BIND=9.7.0
ISC BIND=9.7.0-b1
ISC BIND=9.7.0-p1
ISC BIND=9.7.0-p2
ISC BIND=9.7.0-rc1
ISC BIND=9.7.0-rc2
ISC BIND=9.7.1
ISC BIND=9.7.1-p1
ISC BIND=9.7.1-p2
ISC BIND=9.7.1-rc1
ISC BIND=9.7.2
ISC BIND=9.7.2-p1
ISC BIND=9.7.2-p2
ISC BIND=9.7.2-p3
ISC BIND=9.7.2-rc1
ISC BIND=9.7.3
ISC BIND=9.7.3-b1
ISC BIND=9.7.3-p1
ISC BIND=9.7.3-rc1
ISC BIND=9.7.4
ISC BIND=9.7.4-b1
ISC BIND=9.7.4-p1
ISC BIND=9.7.4-rc1
ISC BIND=9.7.5
ISC BIND=9.7.5-b1
ISC BIND=9.7.5-rc1
ISC BIND=9.7.5-rc2
ISC BIND=9.7.6
ISC BIND=9.7.6-p1
ISC BIND=9.7.6-p2
ISC BIND=9.7.7
SUSE Suse Linux Enterprise Software Development Kit=11.0-sp2
SUSE Suse Linux Enterprise Software Development Kit=11.0-sp3
Novell SUSE Linux=11
Novell SUSE Linux=11
ISC DNSco BIND=9.9.3-s1
ISC DNSco BIND=9.9.4-s1b1
openSUSE openSUSE=11.4
ISC BIND=9.9.0
ISC BIND=9.9.0-a1
ISC BIND=9.9.0-a2
ISC BIND=9.9.0-a3
ISC BIND=9.9.0-b1
ISC BIND=9.9.0-b2
ISC BIND=9.9.0-rc1
ISC BIND=9.9.0-rc2
ISC BIND=9.9.0-rc3
ISC BIND=9.9.0-rc4
ISC BIND=9.9.1
ISC BIND=9.9.1-p1
ISC BIND=9.9.1-p2
ISC BIND=9.9.2
ISC BIND=9.9.3
ISC BIND=9.9.3-b1
ISC BIND=9.9.3-b2
ISC BIND=9.9.3-p1
ISC BIND=9.9.3-rc1
ISC BIND=9.9.3-rc2
FreeBSD FreeBSD=8.0
FreeBSD FreeBSD=8.1
FreeBSD FreeBSD=8.2
FreeBSD FreeBSD=8.3
FreeBSD FreeBSD=8.4
FreeBSD FreeBSD=9.0
FreeBSD FreeBSD=9.1
FreeBSD FreeBSD=9.1-p4
FreeBSD FreeBSD=9.1-p5
FreeBSD FreeBSD=9.2-prerelease
FreeBSD FreeBSD=9.2-rc1
FreeBSD FreeBSD=9.2-rc2
Mandriva Business Server=1.0
Mandriva Enterprise Server=5.0
redhat Enterprise Linux=5
redhat Enterprise Linux=6.0
ISC BIND=9.8.0
ISC BIND=9.8.0-a1
ISC BIND=9.8.0-b1
ISC BIND=9.8.0-p1
ISC BIND=9.8.0-p2
ISC BIND=9.8.0-p4
ISC BIND=9.8.0-rc1
ISC BIND=9.8.1
ISC BIND=9.8.1-b1
ISC BIND=9.8.1-b2
ISC BIND=9.8.1-b3
ISC BIND=9.8.1-p1
ISC BIND=9.8.1-rc1
ISC BIND=9.8.2-b1
ISC BIND=9.8.2-rc1
ISC BIND=9.8.2-rc2
ISC BIND=9.8.3
ISC BIND=9.8.3-p1
ISC BIND=9.8.3-p2
ISC BIND=9.8.4
ISC BIND=9.8.5
ISC BIND=9.8.5-b1
ISC BIND=9.8.5-b2
ISC BIND=9.8.5-p1
ISC BIND=9.8.5-rc1
ISC BIND=9.8.5-rc2
ISC BIND=9.8.6-b1
Fedoraproject Fedora=18
Fedoraproject Fedora=19
HP HP-UX=b.11.31
Slackware Slackware Linux=12.1
Slackware Slackware Linux=12.2
Slackware Slackware Linux=13.0
Slackware Slackware Linux=13.1
Slackware Slackware Linux=13.37

Event History

Jul 26, 2013
CVE Published
via MITRE·11:00 PM
Data Sourced
via MITRE·11:00 PM
Description
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2013-4854?

CVE-2013-4854 has a high severity rating due to its potential to cause denial of service.

2

How do I fix CVE-2013-4854?

To fix CVE-2013-4854, update ISC BIND to version 9.8.5-P2 or later, or apply the relevant patches.

3

What versions of ISC BIND are affected by CVE-2013-4854?

CVE-2013-4854 affects ISC BIND versions 9.7.x and 9.8.x before 9.8.5-P2, as well as certain 9.9.x versions prior to 9.9.3-P2.

4

Is it possible to exploit CVE-2013-4854 remotely?

Yes, CVE-2013-4854 can be exploited remotely through specially crafted queries.

5

What type of vulnerability is CVE-2013-4854 classified as?

CVE-2013-4854 is classified as a denial of service vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203