GCVE - cpe:2.3:a:isc:bind:4.9.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:4.9.3:*:*:*:*:*:*:*

part: a version: 4.9.3 update: *

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769370
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769371

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2002-2213`	vulnerable	2026-06-03 14:26:23.482399	Details available The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T21:08:51.276Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2212`	vulnerable	2026-06-03 14:26:23.471959	Details available The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T23:42:25.949Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDT5K http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2211`	vulnerable	2026-06-03 14:26:23.457625	Details available BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-08-08T03:51:17.718Z Open on db.gcve.eu Reference links http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.securityfocus.com/archive/1/434523/100/0/threaded http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/457875	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-0029`	vulnerable	2026-06-03 14:26:13.087373	Details available Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. Published: 2002-11-21T05:00:00.000Z Updated: 2024-08-08T02:35:17.387Z Open on db.gcve.eu Reference links http://www.iss.net/security_center/static/10624.php ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc http://www.cert.org/advisories/CA-2002-31.html http://www.securityfocus.com/bid/6186 http://www.kb.cert.org/vuls/id/844360	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0013`	vulnerable	2026-06-03 14:26:00.804333	Details available Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.651Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.nai.com/research/covert/advisories/047.asp http://www.securityfocus.com/bid/2309 http://www.cert.org/advisories/CA-2001-02.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0012`	vulnerable	2026-06-03 14:26:00.803791	Details available BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.513Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.cert.org/advisories/CA-2001-02.html http://www.securityfocus.com/bid/2321	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0011`	vulnerable	2026-06-03 14:26:00.801354	Details available Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:55.356Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.nai.com/research/covert/advisories/047.asp http://www.securityfocus.com/bid/2307 http://www.cert.org/advisories/CA-2001-02.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.