[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2015-1349

Date: (C)2015-02-23   (M)2017-12-10 


named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.

CVSS Score: 5.4Access Vector: NETWORK
Exploit Score: 4.9Access Complexity: HIGH
Impact Score: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
APPLE-SA-2015-09-16-4
FEDORA-2015-2543
FEDORA-2015-2548
GLSA-201510-01
MDVSA-2015:054
MDVSA-2015:165
RHSA-2015:0672
SSRT101976
SUSE-SU-2015:1205
USN-2503-1
http://advisories.mageia.org/MGASA-2015-0082.html
https://bugzilla.redhat.com/show_bug.cgi?id=1193820
https://kb.isc.org/article/AA-01235
https://kb.juniper.net/JSA10783
https://kc.mcafee.com/corporate/index?page=content&id=SB10116
https://support.apple.com/HT205219
openSUSE-SU-2015:1250
openSUSE-SU-2015:1326

CPE    100
cpe:/a:isc:bind:9.8.6:rc2
cpe:/a:isc:bind:9.8.6:rc1
cpe:/a:isc:bind:9.10.1
cpe:/a:isc:bind:9.10.0
...
CWE    1
CWE-399
OVAL    13
oval:org.secpod.oval:def:702422
oval:org.secpod.oval:def:601958
oval:org.secpod.oval:def:1200018
oval:org.secpod.oval:def:204212
...

© 2013 SecPod Technologies