Computer Security
[EN] securityvulns.ru no-pyccku


bind named DNS server vulnerabilities
Published:06.12.2010
Source:
SecurityVulns ID:11279
Type:remote
Threat Level:
6/10
Description:DoS, information leaks.
Affected:ISC : bind 9.7
CVE:CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.)
 CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.)
Original documentdocumentUBUNTU, [USN-1025-1] Bind vulnerabilities (06.12.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod