[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2015-1349Date: (C)2015-02-23   (M)2018-05-10


named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 5.4
Exploit Score: Exploit Score: 4.9
Impact Score: Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: HIGH
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: NONE
Scope: Integrity: NONE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
APPLE-SA-2015-09-16-4
FEDORA-2015-2543
FEDORA-2015-2548
GLSA-201510-01
MDVSA-2015:054
MDVSA-2015:165
RHSA-2015:0672
SSRT101976
SUSE-SU-2015:1205
USN-2503-1
http://advisories.mageia.org/MGASA-2015-0082.html
https://bugzilla.redhat.com/show_bug.cgi?id=1193820
https://kb.isc.org/article/AA-01235
https://kb.juniper.net/JSA10783
https://kc.mcafee.com/corporate/index?page=content&id=SB10116
https://support.apple.com/HT205219
openSUSE-SU-2015:1250
openSUSE-SU-2015:1326

CPE    100
cpe:/a:isc:bind:9.9.3:rc1
cpe:/a:isc:bind:9.8.6:rc2
cpe:/a:isc:bind:9.9.3:rc2
cpe:/a:isc:bind:9.8.6:rc1
...
CWE    1
CWE-399
OVAL    13
oval:org.secpod.oval:def:702422
oval:org.secpod.oval:def:601958
oval:org.secpod.oval:def:501537
oval:org.secpod.oval:def:108467
...

© SecPod Technologies