4

CVE-2010-3613

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version9.6 SwEditionesv
IscBind Version9.6 Updater1 SwEditionesv
IscBind Version9.6 Updater2 SwEditionesv
IscBind Version9.6.2
IscBind Version9.6.2 Updateb1
IscBind Version9.6.2 Updatep1
IscBind Version9.6.2 Updatep2
IscBind Version9.7.0
IscBind Version9.7.0 Updatea1
IscBind Version9.7.0 Updatea2
IscBind Version9.7.0 Updatea3
IscBind Version9.7.0 Updateb1
IscBind Version9.7.0 Updateb2
IscBind Version9.7.0 Updateb3
IscBind Version9.7.0 Updatep1
IscBind Version9.7.0 Updatep2
IscBind Version9.7.0 Updaterc1
IscBind Version9.7.0 Updaterc2
IscBind Version9.7.1
IscBind Version9.7.1 Updateb1
IscBind Version9.7.1 Updatep1
IscBind Version9.7.1 Updatep2
IscBind Version9.7.1 Updaterc1
IscBind Version9.7.2
IscBind Version9.7.2 Updatep1
IscBind Version9.7.2 Updatep2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.66% 0.952
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT5002
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://www.securityfocus.com/archive/1/516909/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0004.html
http://www.vupen.com/english/advisories/2011/0606
http://support.avaya.com/css/P8/documents/100124923
http://www.debian.org/security/2010/dsa-2130
http://www.mandriva.com/security/advisories?name=MDVSA-2010:253
http://www.redhat.com/support/errata/RHSA-2010-0976.html
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
http://marc.info/?l=bugtraq&m=130270720601677&w=2
http://secunia.com/advisories/42374
Vendor Advisory
http://secunia.com/advisories/42459
Vendor Advisory
http://secunia.com/advisories/42522
Vendor Advisory
http://secunia.com/advisories/42671
http://secunia.com/advisories/42707
http://secunia.com/advisories/43141
http://securitytracker.com/id?1024817
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
http://www.isc.org/software/bind/advisories/cve-2010-3613
Vendor Advisory
http://www.kb.cert.org/vuls/id/706148
US Government Resource
http://www.osvdb.org/69558
http://www.redhat.com/support/errata/RHSA-2010-0975.html
http://www.redhat.com/support/errata/RHSA-2010-1000.html
http://www.securityfocus.com/bid/45133
http://www.ubuntu.com/usn/USN-1025-1
http://www.vupen.com/english/advisories/2010/3102
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3103
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3138
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3139
Vendor Advisory
http://www.vupen.com/english/advisories/2010/3140
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0267
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601