CVE-2010-0213
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers.
BIND v9.7.1 y v9.7.1-P1, cuando un servidor de validación recursivo tiene un identificador de confianza que es configurado estáticamente o a través de DNSSEC Lookaside Validation (DLV), permite a atacantse causar una denegación de servicio (bucle infinito) a través de una petición para un registro RRSIG cuya respuesta no está en la caché, lo que causa en BIND el envío repetivamente de peticiones RRSI a los servidores de autorización.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-01-06 CVE Reserved
- 2010-07-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-19: Data Processing Errors
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/211905 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/41730 | Vdb Entry | |
| http://www.securitytracker.com/id?1024217 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044445.html | 2016-04-04 | |
| http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html | 2016-04-04 | |
| http://secunia.com/advisories/40652 | 2016-04-04 | |
| http://secunia.com/advisories/40709 | 2016-04-04 | |
| http://www.isc.org/software/bind/advisories/cve-2010-0213 | 2016-04-04 | |
| http://www.vupen.com/english/advisories/2010/1884 | 2016-04-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Isc Search vendor "Isc" | Bind Search vendor "Isc" for product "Bind" | 9.7.1 Search vendor "Isc" for product "Bind" and version "9.7.1" | - |
Affected
| ||||||
| Isc Search vendor "Isc" | Bind Search vendor "Isc" for product "Bind" | 9.7.1 Search vendor "Isc" for product "Bind" and version "9.7.1" | p1 |
Affected
| ||||||