[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3615Date: (C)2010-12-06   (M)2023-12-22


named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1024817
SECUNIA-42458
SECUNIA-42671
BID-45134
OSVDB-69568
ADV-2010-3102
FEDORA-2010-18469
SSA:2010-350-01
VU#510208
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
http://www.isc.org/software/bind/advisories/cve-2010-3615

CPE    1
cpe:/a:isc:bind:9.7.2:p2
CWE    1
CWE-264
OVAL    1
oval:org.secpod.oval:def:100387

© SecPod Technologies