Lucene search

PRIOn knowledge basePRION:CVE-2010-0097

HistoryJan 22, 2010 - 10:00 p.m.

Code injection

2010-01-2222:00:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.3%

JSON

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.

CPENameOperatorVersion
bindeq9.6.1 p2
bindeq9.2.0 rc7
bindeq9.1.1 rc6
bindeq9.3.1 rc1
bindeq9.5.0 a6
bindeq9.1.1
bindeq9.4.3 b1
bindeq9.2.3 rc2
bindeq9.1.3
bindeq9.5.1 b2

Name	Operator	Version
bind	eq	9.6.1 p2
bind	eq	9.2.0 rc7
bind	eq	9.1.1 rc6
bind	eq	9.3.1 rc1
bind	eq	9.5.0 a6
bind	eq	9.1.1
bind	eq	9.4.3 b1
bind	eq	9.2.3 rc2
bind	eq	9.1.3
bind	eq	9.5.1 b2

Rows per page:

1-10 of 1891

References

ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html

secunia.com/advisories/38169

secunia.com/advisories/38219

secunia.com/advisories/38240

secunia.com/advisories/39334

secunia.com/advisories/39582

secunia.com/advisories/40086

securitytracker.com/id?1023474

sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1

support.apple.com/kb/HT5002

wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

www.debian.org/security/2010/dsa-2054

www.kb.cert.org/vuls/id/360341

www.mandriva.com/security/advisories?name=MDVSA-2010:021

www.osvdb.org/61853

www.securityfocus.com/bid/37865

www.ubuntu.com/usn/USN-888-1

www.vupen.com/english/advisories/2010/0176

www.vupen.com/english/advisories/2010/0622

www.vupen.com/english/advisories/2010/0981

www.vupen.com/english/advisories/2010/1352

bugzilla.redhat.com/show_bug.cgi?id=554851

exchange.xforce.ibmcloud.com/vulnerabilities/55753

h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488

lists.fedoraproject.org/pipermail/package-announce/2010-January/034196.html

lists.fedoraproject.org/pipermail/package-announce/2010-January/034202.html

marc.info/?l=bugtraq&m=127195582210247&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12205

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7212

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7430

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9357

rhn.redhat.com/errata/RHSA-2010-0062.html

rhn.redhat.com/errata/RHSA-2010-0095.html

www.isc.org/advisories/CVE-2010-0097

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.3%

JSON

Related for PRION:CVE-2010-0097