[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-2925Date: (C)2007-07-24   (M)2023-12-22


The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.8
Exploit Score: 8.6
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECTRACK-1018441
BID-25076
SECUNIA-26227
SECUNIA-26236
SECUNIA-26509
SECUNIA-26515
ADV-2007-2628
ADV-2007-2914
GLSA-200708-13
MDKSA-2007:149
OpenPKG-SA-2007.022
SSA:2007-207-01
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
http://www.isc.org/index.pl?/sw/bind/bind-security.php
isc-bind-acl-security-bypass(35571)

CPE    3
cpe:/a:isc:bind:9.5.0
cpe:/a:isc:bind:9.4.1
cpe:/a:isc:bind:9.4.0

© SecPod Technologies