GCVE - cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*

part: a version: 8.2 update: *

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769435
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769436

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2002-2213`	vulnerable	2026-06-03 14:26:23.482560	Details available The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T21:08:51.276Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2212`	vulnerable	2026-06-03 14:26:23.472110	Details available The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T23:42:25.949Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDT5K http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2211`	vulnerable	2026-06-03 14:26:23.462094	Details available BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-08-08T03:51:17.718Z Open on db.gcve.eu Reference links http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.securityfocus.com/archive/1/434523/100/0/threaded http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/457875	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1221`	vulnerable	2026-06-03 14:26:16.141399	Details available BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.271Z Open on db.gcve.eu Reference links http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://www.securityfocus.com/bid/6159 http://www.debian.org/security/2002/dsa-196	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1219`	vulnerable	2026-06-03 14:26:16.130183	Details available Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.643Z Open on db.gcve.eu Reference links http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P http://www.securityfocus.com/bid/6160	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0012`	vulnerable	2026-06-03 14:26:00.803885	Details available BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.513Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.cert.org/advisories/CA-2001-02.html http://www.securityfocus.com/bid/2321	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0010`	vulnerable	2026-06-03 14:26:00.798026	Details available Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.853Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/2302 http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.cert.org/advisories/CA-2001-02.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0335`	vulnerable	2026-06-03 14:25:42.958330	Details available The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:14:21.315Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/1166	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0849`	vulnerable	2026-06-03 14:25:41.632927	Details available Denial of service in BIND named via maxdname. Published: 2000-01-04T05:00:00.000Z Updated: 2024-08-01T16:48:38.123Z Open on db.gcve.eu Reference links ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt http://www.securityfocus.com/bid/788 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0848`	vulnerable	2026-06-03 14:25:41.632475	Details available Denial of service in BIND named via consuming more than "fdmax" file descriptors. Published: 2000-01-04T05:00:00.000Z Updated: 2024-08-01T16:48:38.130Z Open on db.gcve.eu Reference links ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt http://www.securityfocus.com/bid/788 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0837`	vulnerable	2026-06-03 14:25:41.620485	Details available Denial of service in BIND by improperly closing TCP sessions via so_linger. Published: 2000-01-04T05:00:00.000Z Updated: 2024-08-01T16:48:38.205Z Open on db.gcve.eu Reference links ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt http://www.securityfocus.com/bid/788 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-0833`	vulnerable	2026-06-03 14:25:41.616604	Details available Buffer overflow in BIND 8.2 via NXT records. Published: 2000-01-04T05:00:00.000Z Updated: 2024-08-01T16:48:38.129Z Open on db.gcve.eu Reference links ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt http://www.securityfocus.com/bid/788	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.