ByteOS Network

CVE Vulnerability Details :

CVE-2009-4022

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-25 Nov, 2009 | 16:00

Updated At-07 Aug, 2024 | 06:45

▼CVE Numbering Authority (CNA)

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/40730	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/37426	third-party-advisory x_refsource_SECUNIA
http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821	vdb-entry signature x_refsource_OVAL
http://www.vupen.com/english/advisories/2010/0176	vdb-entry x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/54416	vdb-entry x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=538744	x_refsource_CONFIRM
http://www.securityfocus.com/bid/37118	vdb-entry x_refsource_BID
http://secunia.com/advisories/38794	third-party-advisory x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2010/000082.html	mailing-list x_refsource_MLIST
http://osvdb.org/60493	vdb-entry x_refsource_OSVDB
https://www.isc.org/advisories/CVE-2009-4022v6	x_refsource_CONFIRM
http://secunia.com/advisories/38240	third-party-advisory x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html	vendor-advisory x_refsource_FEDORA
http://secunia.com/advisories/37491	third-party-advisory x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-888-1	vendor-advisory x_refsource_UBUNTU
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459	vdb-entry signature x_refsource_OVAL
http://www.openwall.com/lists/oss-security/2009/11/24/8	mailing-list x_refsource_MLIST
http://www.kb.cert.org/vuls/id/418861	third-party-advisory x_refsource_CERT-VN
https://www.isc.org/advisories/CVE2009-4022	x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667	vendor-advisory x_refsource_AIXAPAR
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1	vendor-advisory x_refsource_SUNALERT
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory x_refsource_APPLE
http://secunia.com/advisories/39334	third-party-advisory x_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2009/11/24/2	mailing-list x_refsource_MLIST
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304	vendor-advisory x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2009/3335	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/0622	vdb-entry x_refsource_VUPEN
https://issues.rpath.com/browse/RPL-3152	x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597	vendor-advisory x_refsource_AIXAPAR
http://secunia.com/advisories/38834	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/38219	third-party-advisory x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745	vdb-entry signature x_refsource_OVAL
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774	vendor-advisory x_refsource_AIXAPAR
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488	x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html	vendor-advisory x_refsource_FEDORA
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018	x_refsource_CONFIRM
http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt	x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2009-1620.html	vendor-advisory x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2009/11/24/1	mailing-list x_refsource_MLIST
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1	vendor-advisory x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2010/0528	vdb-entry x_refsource_VUPEN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/40730

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/37426

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc

Resource:

x_refsource_CONFIRM

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://www.vupen.com/english/advisories/2010/0176

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/54416

Resource:

vdb-entry

x_refsource_XF

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=538744

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/37118

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/38794

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://osvdb.org/60493

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: https://www.isc.org/advisories/CVE-2009-4022v6

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/38240

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://secunia.com/advisories/37491

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.ubuntu.com/usn/USN-888-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/8

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.kb.cert.org/vuls/id/418861

Resource:

third-party-advisory

x_refsource_CERT-VN

Hyperlink: https://www.isc.org/advisories/CVE2009-4022

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ71667

Resource:

vendor-advisory

x_refsource_AIXAPAR

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://secunia.com/advisories/39334

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/2

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:304

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.vupen.com/english/advisories/2009/3335

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2010/0622

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://issues.rpath.com/browse/RPL-3152

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ68597

Resource:

vendor-advisory

x_refsource_AIXAPAR

Hyperlink: http://secunia.com/advisories/38834

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/38219

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ71774

Resource:

vendor-advisory

x_refsource_AIXAPAR

Hyperlink: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

Resource:

x_refsource_CONFIRM

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

Resource:

x_refsource_CONFIRM

Hyperlink: http://support.apple.com/kb/HT5002

Resource:

x_refsource_CONFIRM

Hyperlink: ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1620.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/1

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://www.vupen.com/english/advisories/2010/0528

Resource:

vdb-entry

x_refsource_VUPEN

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/40730	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/37426	third-party-advisory x_refsource_SECUNIA x_transferred
http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc	x_refsource_CONFIRM x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821	vdb-entry signature x_refsource_OVAL x_transferred
http://www.vupen.com/english/advisories/2010/0176	vdb-entry x_refsource_VUPEN x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/54416	vdb-entry x_refsource_XF x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=538744	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/37118	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/38794	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.vmware.com/pipermail/security-announce/2010/000082.html	mailing-list x_refsource_MLIST x_transferred
http://osvdb.org/60493	vdb-entry x_refsource_OSVDB x_transferred
https://www.isc.org/advisories/CVE-2009-4022v6	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/38240	third-party-advisory x_refsource_SECUNIA x_transferred
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html	vendor-advisory x_refsource_FEDORA x_transferred
http://secunia.com/advisories/37491	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.ubuntu.com/usn/USN-888-1	vendor-advisory x_refsource_UBUNTU x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459	vdb-entry signature x_refsource_OVAL x_transferred
http://www.openwall.com/lists/oss-security/2009/11/24/8	mailing-list x_refsource_MLIST x_transferred
http://www.kb.cert.org/vuls/id/418861	third-party-advisory x_refsource_CERT-VN x_transferred
https://www.isc.org/advisories/CVE2009-4022	x_refsource_CONFIRM x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ71667	vendor-advisory x_refsource_AIXAPAR x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	vendor-advisory x_refsource_APPLE x_transferred
http://secunia.com/advisories/39334	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.openwall.com/lists/oss-security/2009/11/24/2	mailing-list x_refsource_MLIST x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2009:304	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.vupen.com/english/advisories/2009/3335	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2010/0622	vdb-entry x_refsource_VUPEN x_transferred
https://issues.rpath.com/browse/RPL-3152	x_refsource_CONFIRM x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ68597	vendor-advisory x_refsource_AIXAPAR x_transferred
http://secunia.com/advisories/38834	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/38219	third-party-advisory x_refsource_SECUNIA x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745	vdb-entry signature x_refsource_OVAL x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ71774	vendor-advisory x_refsource_AIXAPAR x_transferred
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488	x_refsource_CONFIRM x_transferred
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html	vendor-advisory x_refsource_FEDORA x_transferred
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018	x_refsource_CONFIRM x_transferred
http://support.apple.com/kb/HT5002	x_refsource_CONFIRM x_transferred
ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt	x_refsource_CONFIRM x_transferred
http://www.redhat.com/support/errata/RHSA-2009-1620.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2009/11/24/1	mailing-list x_refsource_MLIST x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.vupen.com/english/advisories/2010/0528	vdb-entry x_refsource_VUPEN x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7261

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/40730

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/37426

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://aix.software.ibm.com/aix/efixes/security/bind9_advisory.asc

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10821

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/0176

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/54416

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=538744

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/bid/37118

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/38794

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000082.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://osvdb.org/60493

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: https://www.isc.org/advisories/CVE-2009-4022v6

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/38240

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01172.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://secunia.com/advisories/37491

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-888-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7459

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/8

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.kb.cert.org/vuls/id/418861

Resource:

third-party-advisory

x_refsource_CERT-VN

x_transferred

Hyperlink: https://www.isc.org/advisories/CVE2009-4022

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ71667

Resource:

vendor-advisory

x_refsource_AIXAPAR

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://secunia.com/advisories/39334

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/2

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:304

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/3335

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/0622

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://issues.rpath.com/browse/RPL-3152

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ68597

Resource:

vendor-advisory

x_refsource_AIXAPAR

x_transferred

Hyperlink: http://secunia.com/advisories/38834

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/38219

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11745

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ71774

Resource:

vendor-advisory

x_refsource_AIXAPAR

x_transferred

Hyperlink: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01188.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://support.apple.com/kb/HT5002

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1620.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.openwall.com/lists/oss-security/2009/11/24/1

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021660.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/0528

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References