Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-0213
HistoryJul 28, 2010 - 12:00 a.m.

CVE-2010-0213

2010-07-2800:00:00
ubuntu.com
ubuntu.com
9

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.042 Low

EPSS

Percentile

92.2%

BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust
anchor that is configured statically or via DNSSEC Lookaside Validation
(DLV), allows remote attackers to cause a denial of service (infinite loop)
via a query for an RRSIG record whose answer is not in the cache, which
causes BIND to repeatedly send RRSIG queries to the authoritative servers.

Notes

Author Note
sbeattie only affects 9.7.1 and 9.7.1-P1, earlier versions okay.

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.042 Low

EPSS

Percentile

92.2%