Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2013-4854 is a low severity vulnerability with a CVSS score of 0.0. No known exploits currently, and patches are available. This is classified as a zero-day vulnerability.
Very high probability of exploitation in the next 30 days
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
| Vendor | Product |
|---|---|
| Isc | Bind |
| Slackware | Slackware Linux |
| Mandriva | Enterprise Server |
| Freebsd | Freebsd |
| Isc | Dnsco Bind |
| Suse | Suse Linux Enterprise Software Development Kit |
| HP | HP Ux |
| Fedoraproject | Fedora |
| Opensuse | Opensuse |
| Mandriva | Business Server |
And 2 more...
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.