GCVE - cpe:2.3:a:isc:bind:8.2.2:p5:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:8.2.2:p5:*:*:*:*:*:*

part: a version: 8.2.2 update: p5

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769477
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769479

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2002-2213`	vulnerable	2026-06-03 14:26:23.482679	Details available The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T21:08:51.276Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2212`	vulnerable	2026-06-03 14:26:23.472231	Details available The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T23:42:25.949Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDT5K http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2211`	vulnerable	2026-06-03 14:26:23.465561	Details available BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-08-08T03:51:17.718Z Open on db.gcve.eu Reference links http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.securityfocus.com/archive/1/434523/100/0/threaded http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/457875	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0012`	vulnerable	2026-06-03 14:26:00.803997	Details available BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.513Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.cert.org/advisories/CA-2001-02.html http://www.securityfocus.com/bid/2321	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-0010`	vulnerable	2026-06-03 14:26:00.798924	Details available Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. Published: 2001-05-07T04:00:00.000Z Updated: 2024-08-08T04:06:54.853Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/2302 http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.cert.org/advisories/CA-2001-02.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0888`	vulnerable	2026-06-03 14:26:00.080073	Details available named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." Published: 2001-01-22T05:00:00.000Z Updated: 2024-08-08T05:37:31.364Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2000-107.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067 https://exchange.xforce.ibmcloud.com/vulnerabilities/5814 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338 http://www.cert.org/advisories/CA-2000-20.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0887`	vulnerable	2026-06-03 14:26:00.075255	Details available named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." Published: 2001-01-22T05:00:00.000Z Updated: 2024-08-08T05:37:31.266Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2000-107.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067 http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html http://www.securityfocus.com/archive/1/143843 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.