CVE-2002-1221 (GCVE-0-2002-1221)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-2002-31",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2002-31.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.isc.org/products/BIND/bind-security.html"
},
{
"name": "2002-11-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
},
{
"name": "6159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6159"
},
{
"name": "DSA-196",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-196"
},
{
"name": "bind-null-dereference-dos(10333)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10333"
},
{
"name": "SSRT2408",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/4999"
},
{
"name": "20021118 TSLSA-2002-0076 - bind",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2"
},
{
"name": "CLA-2002:546",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546"
},
{
"name": "oval:org.mitre.oval:def:2094",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094"
},
{
"name": "20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/300019"
},
{
"name": "20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 \u0026 8]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2"
},
{
"name": "N-013",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-013.shtml"
},
{
"name": "VU#581682",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/581682"
},
{
"name": "20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469"
},
{
"name": "MDKSA-2002:077",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-04T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-2002-31",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2002-31.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.isc.org/products/BIND/bind-security.html"
},
{
"name": "2002-11-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
},
{
"name": "6159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6159"
},
{
"name": "DSA-196",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-196"
},
{
"name": "bind-null-dereference-dos(10333)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10333"
},
{
"name": "SSRT2408",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://online.securityfocus.com/advisories/4999"
},
{
"name": "20021118 TSLSA-2002-0076 - bind",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2"
},
{
"name": "CLA-2002:546",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546"
},
{
"name": "oval:org.mitre.oval:def:2094",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094"
},
{
"name": "20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/300019"
},
{
"name": "20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 \u0026 8]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2"
},
{
"name": "N-013",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-013.shtml"
},
{
"name": "VU#581682",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/581682"
},
{
"name": "20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469"
},
{
"name": "MDKSA-2002:077",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-2002-31",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-31.html"
},
{
"name": "http://www.isc.org/products/BIND/bind-security.html",
"refsource": "CONFIRM",
"url": "http://www.isc.org/products/BIND/bind-security.html"
},
{
"name": "2002-11-21",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
},
{
"name": "6159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6159"
},
{
"name": "DSA-196",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-196"
},
{
"name": "bind-null-dereference-dos(10333)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10333"
},
{
"name": "SSRT2408",
"refsource": "COMPAQ",
"url": "http://online.securityfocus.com/advisories/4999"
},
{
"name": "20021118 TSLSA-2002-0076 - bind",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2"
},
{
"name": "CLA-2002:546",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546"
},
{
"name": "oval:org.mitre.oval:def:2094",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094"
},
{
"name": "20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/300019"
},
{
"name": "20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 \u0026 8]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2"
},
{
"name": "N-013",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-013.shtml"
},
{
"name": "VU#581682",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/581682"
},
{
"name": "20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8",
"refsource": "ISS",
"url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469"
},
{
"name": "MDKSA-2002:077",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1221",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-16T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB79EDA4-9B2C-4C4C-A5DE-CB8C6EB00BDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DF8869C-2446-48F3-A1CD-70AE44D74EF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29944FFE-5061-4903-B1FA-4E2D99CF1666\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52D1DAE0-DB4D-475F-B11B-29AA3A00DB60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93BB48F5-A635-402E-AE7F-B8AB90ED0C70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5FE281A-610F-42CA-B741-53F2D70A3F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35EE137B-0ED3-47EC-8195-58690F5B252E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"580ADA83-C07B-40DD-B219-CA1908F1087F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9371CBC-192E-44C0-9E0C-A6D61D6C0D83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71E01FA3-4CEA-4AF0-973C-C6DA147C6252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79528C86-614D-4B14-9D26-89E0BE6B2AED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AF54438-F56B-4FC1-BCDB-A1A9D75374D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2AE8906-AFCF-4ED9-B3E2-D6184F67C485\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1450E5BF-66A0-4096-9775-E31E98C69AAB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55C5FC1A-1253-4390-A4FC-573BB14EA937\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44308D13-D935-4FF8-AB52-F0E115ED1AD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C001822-FDF8-497C-AC2C-B59A00E9ACD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B86C77AB-B8FF-4376-9B4E-C88417396F3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60DA30A1-3360-46BC-85B7-008D535F95BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA33E7E2-DE7B-411E-8991-718DA0988C51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1957B3C0-7F25-469B-BC3F-7B09260837ED\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.\"}, {\"lang\": \"es\", \"value\": \"BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegaci\\u00f3n de servicio (ca\\u00edda) mediante elementos registro de recurso (RR) SIG con fecha de expiraci\\u00f3 inv\\u00e1lida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo.\"}]",
"id": "CVE-2002-1221",
"lastModified": "2024-11-20T23:40:51.033",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2002-11-29T05:00:00.000",
"references": "[{\"url\": \"http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://online.securityfocus.com/advisories/4999\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://online.securityfocus.com/archive/1/300019\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cert.org/advisories/CA-2002-31.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/n-013.shtml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2002/dsa-196\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.isc.org/products/BIND/bind-security.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/581682\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/6159\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/10333\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://online.securityfocus.com/advisories/4999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://online.securityfocus.com/archive/1/300019\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cert.org/advisories/CA-2002-31.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/n-013.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2002/dsa-196\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.isc.org/products/BIND/bind-security.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/581682\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/6159\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/10333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2002-1221\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2002-11-29T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.\"},{\"lang\":\"es\",\"value\":\"BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante elementos registro de recurso (RR) SIG con fecha de expiraci\u00f3 inv\u00e1lida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB79EDA4-9B2C-4C4C-A5DE-CB8C6EB00BDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DF8869C-2446-48F3-A1CD-70AE44D74EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29944FFE-5061-4903-B1FA-4E2D99CF1666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52D1DAE0-DB4D-475F-B11B-29AA3A00DB60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93BB48F5-A635-402E-AE7F-B8AB90ED0C70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5FE281A-610F-42CA-B741-53F2D70A3F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35EE137B-0ED3-47EC-8195-58690F5B252E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"580ADA83-C07B-40DD-B219-CA1908F1087F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9371CBC-192E-44C0-9E0C-A6D61D6C0D83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71E01FA3-4CEA-4AF0-973C-C6DA147C6252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79528C86-614D-4B14-9D26-89E0BE6B2AED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AF54438-F56B-4FC1-BCDB-A1A9D75374D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2AE8906-AFCF-4ED9-B3E2-D6184F67C485\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1450E5BF-66A0-4096-9775-E31E98C69AAB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5FC1A-1253-4390-A4FC-573BB14EA937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44308D13-D935-4FF8-AB52-F0E115ED1AD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C001822-FDF8-497C-AC2C-B59A00E9ACD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86C77AB-B8FF-4376-9B4E-C88417396F3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60DA30A1-3360-46BC-85B7-008D535F95BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA33E7E2-DE7B-411E-8991-718DA0988C51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1957B3C0-7F25-469B-BC3F-7B09260837ED\"}]}]}],\"references\":[{\"url\":\"http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://online.securityfocus.com/advisories/4999\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://online.securityfocus.com/archive/1/300019\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-31.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/n-013.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2002/dsa-196\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.isc.org/products/BIND/bind-security.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/581682\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/6159\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/10333\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=103713117612842\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=103763574715133\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://online.securityfocus.com/advisories/4999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://online.securityfocus.com/archive/1/300019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cert.org/advisories/CA-2002-31.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/n-013.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2002/dsa-196\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.isc.org/products/BIND/bind-security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/581682\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/6159\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/10333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2094\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…