Back to search
CVE-2013-6230
Published: Nov 8, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://kb.isc.org/article/AA-01063
x_refsource_CONFIRM
SSA:2014-175-01
vendor-advisory
x_refsource_SLACKWARE
https://kb.isc.org/article/AA-01062
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now