Lucene search

K
nessusTenable8569.PRM
HistoryDec 15, 2014 - 12:00 a.m.

ISC BIND 9.10.x < 9.10.1-P1 Multiple DoS

2014-12-1500:00:00
Tenable
www.tenable.com
14

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.877 High

EPSS

Percentile

98.7%

Versions of ISC BIND earlier than 9.10.1-P1 are unpatched for the following vulnerabilities:

  • Denial of service vulnerability that can be triggered when handling a maliciously constructed query or zone request, causing the service to issue unlimited queries in an attempt to follow a delegation (CVE-2014-8500)

  • Denial of service vulnerability in the pre-fetch feature that is triggered when the response to a specially crafted DNS query contains particular attributes. (CVE-2014-3214)

  • Denial of service vulnerability in EDNS option processing (CVE-2014-3859)

  • Denial of service in three unspecified flaws in the GeoIP feature (CVE-2014-8680)

Binary data 8569.prm
VendorProductVersionCPE
iscbindcpe:/a:isc:bind

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.877 High

EPSS

Percentile

98.7%