GCVE - cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*

part: a version: 8.3.0 update: *

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769547
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:10.769549

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2003-0914`	vulnerable	2026-06-03 14:26:26.844334	Details available ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. Published: 2003-12-02T05:00:00.000Z Updated: 2024-08-08T02:12:34.426Z Open on db.gcve.eu Reference links http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt http://www.kb.cert.org/vuls/id/734644	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2213`	vulnerable	2026-06-03 14:26:23.482808	Details available The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T21:08:51.276Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2212`	vulnerable	2026-06-03 14:26:23.472362	Details available The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-09-16T23:42:25.949Z Open on db.gcve.eu Reference links http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDT5K http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2211`	vulnerable	2026-06-03 14:26:23.469455	Details available BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. Published: 2006-05-23T16:00:00.000Z Updated: 2024-08-08T03:51:17.718Z Open on db.gcve.eu Reference links http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.securityfocus.com/archive/1/434523/100/0/threaded http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/457875	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1221`	vulnerable	2026-06-03 14:26:16.141532	Details available BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.271Z Open on db.gcve.eu Reference links http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://www.securityfocus.com/bid/6159 http://www.debian.org/security/2002/dsa-196	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1220`	vulnerable	2026-06-03 14:26:16.137769	Details available BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:27.984Z Open on db.gcve.eu Reference links http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A449 http://www.debian.org/security/2002/dsa-196	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1219`	vulnerable	2026-06-03 14:26:16.133728	Details available Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.643Z Open on db.gcve.eu Reference links http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P http://www.securityfocus.com/bid/6160	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.