CVE-2007-0494

NameCVE-2007-0494
DescriptionISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1254-1
NVD severitymedium
Debian Bugs408432

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bind9 (PTS)stretch1:9.10.3.dfsg.P4-12.3+deb9u6fixed
stretch (security)1:9.10.3.dfsg.P4-12.3+deb9u7fixed
buster, buster (security)1:9.11.5.P4+dfsg-5.1+deb10u2fixed
bullseye, sid1:9.16.8-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bindsource(unstable)(not affected)
bind9sourcesarge1:9.2.4-1sarge2DSA-1254-1
bind9source(unstable)1:9.3.4-2medium408432

Search for package or bug name: Reporting problems