CVE-2009-4022

NONECVSS 0.0

0.0

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.

🔗 References (88)

secalert@redhatftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt
secalert@redhathttp://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc
secalert@redhathttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
secalert@redhathttp://lists.vmware.com/pipermail/security-announce/2010/000082.html
secalert@redhathttp://osvdb.org/60493
secalert@redhathttp://secunia.com/advisories/37426
secalert@redhathttp://secunia.com/advisories/37491
secalert@redhathttp://secunia.com/advisories/38219
secalert@redhathttp://secunia.com/advisories/38240
secalert@redhathttp://secunia.com/advisories/38794
secalert@redhathttp://secunia.com/advisories/38834
secalert@redhathttp://secunia.com/advisories/39334
secalert@redhathttp://secunia.com/advisories/40730
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1

Is Your Infrastructure Affected by CVE-2009-4022?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-4022

📅 Published

🔄 Last Modified

🔗 References (88)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-4022?