Lucene search

K
ubuntuUbuntuUSN-865-1
HistoryDec 07, 2009 - 12:00 a.m.

Bind vulnerability

2009-12-0700:00:00
ubuntu.com
31

7.7 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.5%

Releases

  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • bind9 -

Details

Michael Sinatra discovered that Bind did not correctly validate certain
records added to its cache. When DNSSEC validation is in use, a remote
attacker could exploit this to spoof DNS entries and poison DNS caches.
Among other things, this could lead to misdirected email and web traffic.

OSVersionArchitecturePackageVersionFilename
Ubuntu9.10noarchlibdns53<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchbind9<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchbind9-host<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchbind9utils<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchdnsutils<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibbind-dev<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibbind9-50<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibdns50<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibisc50<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Ubuntu9.10noarchlibisccc50<Β 1:9.6.1.dfsg.P1-3ubuntu0.2UNKNOWN
Rows per page:
1-10 of 631

7.7 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.5%