Vulnerabilities > CVE-1999-0009
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 | |
| Application | 4 | |
| OS | Sgi
| 32 |
| OS | 9 | |
| OS | 4 | |
| OS | 9 | |
| OS | 6 | |
| OS | 1 | |
| OS | 4 | |
| OS | 1 | |
| OS | 3 |
Exploit-Db
description BSDI BSD/OS 2.1,Caldera OpenLinux Standard 1.0,Data General DG/UX 5.4 4.11,IBM AIX 4.3,ISC BIND 8.1.1,NetBSD 1.3.1,RedHat Linux 5.0,SCO Open Desktop 3.0/Serv... id EDB-ID:19111 last seen 2016-02-02 modified 1998-04-08 published 1998-04-08 reporter ROTShB source https://www.exploit-db.com/download/19111/ title Multiple OSes - BIND Buffer Overflow 1 description BSDI BSD/OS 2.1,Caldera OpenLinux Standard 1.0,Data General DG/UX 5.4 4.11,IBM AIX 4.3,ISC BIND 8.1.1,NetBSD 1.3.1,RedHat Linux 5.0,SCO Open Desktop 3.0/Serv... id EDB-ID:19112 last seen 2016-02-02 modified 1998-04-08 published 1998-04-08 reporter prym source https://www.exploit-db.com/download/19112/ title Multiple OSes - BIND Buffer Overflow 2
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHNE_12957.NASL description s700_800 11.00 Bind 4.9.7 components : Security vulnerability in the BIND executable. last seen 2020-06-01 modified 2020-06-02 plugin id 16871 published 2005-02-16 reporter This script is Copyright (C) 2005-2013 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16871 title HP-UX PHNE_12957 : s700_800 11.00 Bind 4.9.7 components code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHNE_12957. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(16871); script_version("$Revision: 1.11 $"); script_cvs_date("$Date: 2013/04/20 00:32:52 $"); script_cve_id("CVE-1999-0009", "CVE-1999-0010", "CVE-1999-0011"); script_xref(name:"HP", value:"HPSBUX9808-083"); script_name(english:"HP-UX PHNE_12957 : s700_800 11.00 Bind 4.9.7 components"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.00 Bind 4.9.7 components : Security vulnerability in the BIND executable." ); script_set_attribute( attribute:"solution", value:"Install patch PHNE_12957 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"1998/05/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.00")) { exit(0, "The host is not affected since PHNE_12957 applies to a different OS release."); } patches = make_list("PHNE_12957", "PHNE_14618", "PHNE_20619", "PHNE_23274", "PHNE_28449"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"InternetSrvcs.INET-ENG-A-MAN", version:"B.11.00")) flag++; if (hpux_check_patch(app:"InternetSrvcs.INETSVCS-RUN", version:"B.11.00")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family DNS NASL id BIND_IQUERY.NASL description The remote BIND server, according to its version number, is vulnerable to an inverse query overflow which could allow an attacker to execute arbitrary code on the remote host. last seen 2020-06-01 modified 2020-06-02 plugin id 10329 published 2002-04-02 reporter This script is Copyright (C) 2002-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10329 title ISC BIND < 4.9.7 / 8.1.2 Inverse-Query Remote Overflow code # # (C) Tenable Network Security, Inc. # # This script replaces bind_bof.nes include("compat.inc"); if (description) { script_id(10329); script_version("1.19"); script_cvs_date("Date: 2018/06/27 18:42:25"); script_cve_id("CVE-1999-0009"); script_bugtraq_id(134); script_name(english:"ISC BIND < 4.9.7 / 8.1.2 Inverse-Query Remote Overflow"); script_summary(english:"Checks the remote BIND version"); script_set_attribute(attribute:"synopsis", value: "It is possible to use the remote name server to break into the remote host." ); script_set_attribute(attribute:"description", value: "The remote BIND server, according to its version number, is vulnerable to an inverse query overflow which could allow an attacker to execute arbitrary code on the remote host." ); script_set_attribute(attribute:"solution", value: "Upgrade to BIND 8.1.2 or 4.9.7 or newer" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_publication_date", value: "2002/04/02"); script_set_attribute(attribute:"vuln_publication_date", value: "1998/04/08"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:isc:bind"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2002-2018 Tenable Network Security, Inc."); script_family(english: "DNS"); script_dependencie("bind_version.nasl"); script_require_keys("bind/version"); exit(0); } vers = get_kb_item("bind/version"); if(!vers)exit(0); if(ereg(string:vers, pattern:"^8\.((0\..*)|(1\.[0-1]([^0-9]|$))).*"))security_hole(53); if(ereg(string:vers, pattern:"^4\.([0-8]\.|9\.[0-6]([^0-9]|$)).*"))security_hole(53);
References
- ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
- ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
- http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
- http://www.securityfocus.com/bid/134
- http://www.securityfocus.com/bid/134
- http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
- http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083