Vulnerability Description
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
CVSS Score
4.3 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ISC | BIND | 9.0 |
References
- ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034196.ht
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034202.ht
- http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
- http://marc.info/?l=bugtraq&m=127195582210247&w=2
- http://secunia.com/advisories/38169 (Vendor Advisory)
- http://secunia.com/advisories/38219 (Vendor Advisory)
- http://secunia.com/advisories/38240 (Vendor Advisory)
- http://secunia.com/advisories/39334
- http://secunia.com/advisories/39582
- http://secunia.com/advisories/40086
- http://securitytracker.com/id?1023474
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
- http://support.apple.com/kb/HT5002
FAQ
What is CVE-2010-0097?
CVE-2010-0097 is a vulnerability with a CVSS score of 4.3 (MEDIUM). ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attack...
How severe is CVE-2010-0097?
CVE-2010-0097 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2010-0097?
Check the references section above for vendor advisories and patch information. Affected products include: ISC BIND.