CVE-2010-3613

Severity

40%

Complexity

80%

Confidentiality

48%

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P).

Overview

Type

ISC BIND

First reported 14 years ago

2010-12-06 13:44:00

Last updated 6 years ago

2018-10-10 20:04:00

Affected Software

ISC BIND 9.6 Extended Support Version

9.6

ISC BIND 9.6 Extended Support Version Release 1

9.6

ISC BIND 9.6 Extended Support Version Release 2

9.6

ISC BIND 9.6.2

9.6.2

ISC BIND 9.6.2 Beta 1

9.6.2

ISC BIND 9.6.2 Patch 1

9.6.2

ISC BIND 9.6.2 Patch 2

9.6.2

ISC BIND 9.7.0

9.7.0

ISC BIND 9.7.0 Alpha 1

9.7.0

ISC BIND 9.7.0 Alpha 2

9.7.0

ISC BIND 9.7.0 Alpha 3

9.7.0

ISC BIND 9.7.0 Beta 1

9.7.0

ISC BIND 9.7.0 Beta 2

9.7.0

ISC BIND 9.7.0 Beta 3

9.7.0

ISC BIND 9.7.0 p1

9.7.0

ISC BIND 9.7.0 p2

9.7.0

ISC BIND 9.7.0 Release Candidate 1

9.7.0

ISC BIND 9.7.0 Release Candidate 2

9.7.0

ISC BIND 9.7.1

9.7.1

ISC BIND 9.7.1 Beta 1

9.7.1

ISC BIND 9.7.1 p1

9.7.1

ISC BIND 9.7.1 p2

9.7.1

ISC BIND 9.7.1 Release Candidate 1

9.7.1

ISC BIND 9.7.2

9.7.2

ISC BIND 9.7.2 P1

9.7.2

ISC BIND 9.7.2 P2

9.7.2

References

NetBSD-SA2011-001

APPLE-SA-2011-10-12-3

FEDORA-2010-18521

FEDORA-2010-18469

[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm

HPSBUX02655

42374

Vendor Advisory

42459

Vendor Advisory

42522

Vendor Advisory

42671

42707

43141

1024817

SSA:2010-350-01

http://support.apple.com/kb/HT5002

http://support.avaya.com/css/P8/documents/100124923

DSA-2130

http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories

http://www.isc.org/software/bind/advisories/cve-2010-3613

Vendor Advisory

VU#706148

US Government Resource

MDVSA-2010:253

69558

RHSA-2010:0975

RHSA-2010:0976

RHSA-2010:1000

20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

45133

USN-1025-1

http://www.vmware.com/security/advisories/VMSA-2011-0004.html

ADV-2010-3102

Vendor Advisory

ADV-2010-3103

Vendor Advisory

ADV-2010-3138

Vendor Advisory

ADV-2010-3139

Vendor Advisory

ADV-2010-3140

Vendor Advisory

ADV-2011-0267

ADV-2011-0606

oval:org.mitre.oval:def:12601

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.