4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
bind is vulnerable to denial of service. It was discovered that named did not invalidate previously cached RRSIG records when adding an NCACHE record for the same entry to the cache. A remote attacker allowed to send recursive DNS queries to named could use this flaw to crash named.
ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc
lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html
lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
lists.vmware.com/pipermail/security-announce/2011/000126.html
marc.info/?l=bugtraq&m=130270720601677&w=2
secunia.com/advisories/42374
secunia.com/advisories/42459
secunia.com/advisories/42522
secunia.com/advisories/42671
secunia.com/advisories/42707
secunia.com/advisories/43141
securitytracker.com/id?1024817
slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
support.apple.com/kb/HT5002
support.avaya.com/css/P8/documents/100124923
www.debian.org/security/2010/dsa-2130
www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
www.isc.org/software/bind/advisories/cve-2010-3613
www.kb.cert.org/vuls/id/706148
www.mandriva.com/security/advisories?name=MDVSA-2010:253
www.osvdb.org/69558
www.redhat.com/support/errata/RHSA-2010-0975.html
www.redhat.com/support/errata/RHSA-2010-0976.html
www.redhat.com/support/errata/RHSA-2010-1000.html
www.securityfocus.com/archive/1/516909/100/0/threaded
www.securityfocus.com/bid/45133
www.ubuntu.com/usn/USN-1025-1
www.vmware.com/security/advisories/VMSA-2011-0004.html
www.vupen.com/english/advisories/2010/3102
www.vupen.com/english/advisories/2010/3103
www.vupen.com/english/advisories/2010/3138
www.vupen.com/english/advisories/2010/3139
www.vupen.com/english/advisories/2010/3140
www.vupen.com/english/advisories/2011/0267
www.vupen.com/english/advisories/2011/0606
access.redhat.com/errata/RHSA-2010:0976
access.redhat.com/security/updates/classification/#important
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601