Lucene search
Ubuntu.comUB:CVE-2007-2925HistoryJul 24, 2007 - 12:00 a.m.
CVE-2007-2925
2007-07-2400:00:00
ubuntu.com
ubuntu.com
10
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.01 Low
EPSS
Percentile
83.6%
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and
9.5.0a1 through 9.5.0a5 do not set the allow-recursion and
allow-query-cache ACLs, which allows remote attackers to make recursive
queries and query the cache.
Notes
| Author | Note |
|---|---|
| kees | recursion should be a admin policy, and is already mediated by edgy+ bind default configs |
Related
cve
cve
CVE-2007-2925
2007-07-24 17:30:00
debiancve
debiancve
CVE-2007-2925
2007-07-24 17:30:00
prion
prion
Improper access control
2007-07-24 17:30:00
cert
cert
ISC BIND does not correctly set default access controls
2007-07-27 00:00:00
openvas
openvas
Slackware Advisory SSA:2007-207-01 bind
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2007-207-01)
2012-09-10 00:00:00
Mandriva Update for bind MDKSA-2007:149 (bind)
2009-04-09 00:00:00
slackware
slackware
[slackware-security] bind
2007-07-26 22:15:41
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : bind (SSA:2007-207-01)
2011-05-28 00:00:00
Mandrake Linux Security Advisory : bind (MDKSA-2007:149)
2007-07-27 00:00:00
Fedora 7 : bind-9.4.1-7.P1.fc7 (2007-1247)
2007-11-06 00:00:00
gentoo
gentoo
BIND: Weak random number generation
2007-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: bind-9.4.1-7.P1.fc7
2007-07-25 05:15:35
[SECURITY] Fedora 7 Update: bind-9.4.2-2.fc7
2007-12-20 20:14:27
[SECURITY] Fedora 7 Update: bind-9.4.2-3.fc7
2008-01-22 16:01:40
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.01 Low
EPSS
Percentile
83.6%
Related for UB:CVE-2007-2925