ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability Network Vulnerability

Summary

ISC BIND 9 is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of- service attacks. Versions prior to the following are vulnerable: BIND 9.4.3-P5 BIND 9.5.2-P2 BIND 9.6.1-P3

Solution

Updates are available. Please see the references for details.

References

http://www.isc.org/products/BIND/
http://www.kb.cert.org/vuls/id/360341
http://www.securityfocus.com/bid/37865
https://www.isc.org/advisories/CVE-2010-0097

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0097, CVE-2010-0290, CVE-2010-0382

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)

Take action and discover your vulnerabilities