ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial Of Service Vulnerability Network Vulnerability

Summary

ISC BIND is prone to multiple Vulnerabilities. 1. A remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected service to crash, denying service to legitimate users. 2. A security vulnerability that affects the integrity security property of the application. BIND versions 9.6.2 to 9.6.2-P2, 9.6-ESV to 9.6-ESV-R2 and 9.7.0 to 9.7.2-P2 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://support.avaya.com/css/P8/documents/100124923
http://www.isc.org/products/BIND/
https://www.isc.org/software/bind/advisories/cve-2010-3613
https://www.isc.org/software/bind/advisories/cve-2010-3614
https://www.securityfocus.com/bid/45133
https://www.securityfocus.com/bid/45137

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3613, CVE-2010-3614

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Apache /server-status accessible
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
Apple Safari WebKit Information Disclosure Vulnerability (Windows)
Arris DOCSIS Password Disclosure
Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)

ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities