[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3762Date: (C)2010-10-05   (M)2023-12-22


ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/516909/100/0/threaded
BID-45385
ADV-2011-0606
DSA-2130
MDVSA-2010:253
RHSA-2010:0976
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
http://support.avaya.com/css/P8/documents/100124923
http://www.vmware.com/security/advisories/VMSA-2011-0004.html

CWE    1
CWE-20
OVAL    6
oval:org.secpod.oval:def:500430
oval:org.secpod.oval:def:700517
oval:org.secpod.oval:def:201811
oval:org.secpod.oval:def:300281
...

© SecPod Technologies