ISC BIND 'allow-query' Zone ACL Security Bypass Vulnerability Network Vulnerability

Summary

ISC BIND is prone to a security-bypass vulnerability. Successfully exploiting this issue allows remote attackers to bypass zone-and-view Access Control Lists (ACLs) to perform unintended queries. Versions prior to BIND 9.7.2-P3 are vulnerable.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www.isc.org/products/BIND/
https://www.isc.org/software/bind/advisories/cve-2010-3615
https://www.securityfocus.com/bid/45134

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3615

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apple Safari WebKit Information Disclosure Vulnerability (Windows)
Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
Apple Safari Web Script Execution Vulnerabilites - June09
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)

Take action and discover your vulnerabilities