[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0527Date: (C)2006-02-02   (M)2023-12-22


BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015551
SECTRACK-1015606
BID-16455
SECUNIA-18690
http://attrition.org/pipermail/vim/2006-February/000551.html
OSVDB-22888
SREASON-438
SREASON-748
ADV-2006-0399
HPSBTU02095
SSRT051045
http://computerworld.com/networkingtopics/networking/story/0%2C10801%2C103744%2C00.html
tru64-dns-bind-unauth-access(24414)

CPE    2
cpe:/a:isc:bind:8
cpe:/a:isc:bind:4
CWE    1
CWE-264

© SecPod Technologies