Lucene search

[email protected]CVE-2015-5722

HistorySep 05, 2015 - 2:59 a.m.

CVE-2015-5722

2015-09-0502:59:00

CWE-20

[email protected]

web.nvd.nist.gov

232

cve-2015-5722

denial of service

isc bind

dnssec

nvd

8.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.966 High

EPSS

Percentile

99.6%

JSON

buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

CPENameOperatorVersion
isc:bindisc bindle9.9.7
isc:bindisc bindle9.10.2
apple:mac_os_x_serverapple mac os x servereq5.0.15

CPE	Name	Operator	Version
isc:bind	isc bind	le	9.9.7
isc:bind	isc bind	le	9.10.2
apple:mac_os_x_server	apple mac os x server	eq	5.0.15

References

lists.apple.com/archives/security-announce/2015/Oct/msg00009.html

lists.fedoraproject.org/pipermail/package-announce/2015-October/168686.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165750.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165810.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/165996.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/167465.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html

lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html

lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html

marc.info/?l=bugtraq&m=144294073801304&w=2

rhn.redhat.com/errata/RHSA-2015-1705.html

rhn.redhat.com/errata/RHSA-2015-1706.html

rhn.redhat.com/errata/RHSA-2015-1707.html

rhn.redhat.com/errata/RHSA-2016-0078.html

rhn.redhat.com/errata/RHSA-2016-0079.html

www.debian.org/security/2015/dsa-3350

www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/bid/76605

www.securitytracker.com/id/1033452

www.ubuntu.com/usn/USN-2728-1

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04891218

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923105

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918

kb.isc.org/article/AA-01287

kb.isc.org/article/AA-01305

kb.isc.org/article/AA-01306

kb.isc.org/article/AA-01307

kb.isc.org/article/AA-01438

kc.mcafee.com/corporate/index?page=content&id=SB10134

security.gentoo.org/glsa/201510-01

security.netapp.com/advisory/ntap-20190730-0001/

support.apple.com/HT205376

8.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.966 High

EPSS

Percentile

99.6%

JSON

CVE-2015-5722

References

Related