ISC BIND Denial Of Service And Security Bypass Vulnerability Network Vulnerability

Summary

ISC BIND is prone to a security-bypass vulnerability and a denial-of- service vulnerability. Successfully exploiting these issues allows remote attackers to crash affected DNS servers, denying further service to legitimate users, bypass certain security restrictions and perform unauthorized actions. Other attacks are also possible. ISC BIND versions 9.7.2 through 9.7.2-P1 are vulnerable.

Solution

Vendor updates are available. Please see the references for more information.

References

http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
https://www.securityfocus.com/bid/43573

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-0218, CVE-2010-3762
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
ejabberd 'mod_pubsub' Module Denial of Service Vulnerability
EtherApe RPC Packet Processing Denial of Service Vulnerability
Asterisk RTP Text Frames Denial Of Service Vulnerability
F-PROT AV 'ELF' Header Denial of Service Vulnerability

ISC BIND Denial Of Service and Security Bypass Vulnerability

Take action and discover your vulnerabilities