VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-3613
bind: named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV be...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3613

Original

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-12-06
Source Information Category:
Advisory, Alert
Last Updated:
2010-12-06




Affected Product Tags
cpe:/a:isc:bind:9.6-esv-r1
cpe:/a:isc:bind:9.6-esv-r2
cpe:/a:isc:bind:9.6.2-p1
cpe:/a:isc:bind:9.6.2-p2
cpe:/a:isc:bind:9.7.0
cpe:/a:isc:bind:9.7.0-p1
cpe:/a:isc:bind:9.7.0-p2
cpe:/a:isc:bind:9.7.0:rc1
cpe:/a:isc:bind:9.7.0:rc2
cpe:/a:isc:bind:9.7.0a1
cpe:/a:isc:bind:9.7.0a2
cpe:/a:isc:bind:9.7.0a3
cpe:/a:isc:bind:9.7.0b1
cpe:/a:isc:bind:9.7.0b2
cpe:/a:isc:bind:9.7.1
cpe:/a:isc:bind:9.7.1-p1
cpe:/a:isc:bind:9.7.1-p2
cpe:/a:isc:bind:9.7.1:rc1
cpe:/a:isc:bind:9.7.1b1
cpe:/a:isc:bind:9.7.2-p1
cpe:/a:isc:bind:9.7.2-p2
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
Medium [?]
X Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
X Single [?]
None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
Alternatives




References
VU#706148




BID 45133




CONFIRM http://www.isc.org/software/bind/advisories/cve-2010-3613




CONFIRM http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories




OSVDB 69558




SECTRACK 1024817




SECUNIA 42459




SECUNIA 42374




UBUNTU USN-1025-1




VUPEN ADV-2010-3103




VUPEN ADV-2010-3102




Vulnerability Type Permissions, Privileges, and Access Control (CWE-264)




Copyright © 2010 JPCERT/CC All Rights Reserved.