what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2010-0097

Status Candidate

Overview

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.

Related Files

HP Security Bulletin HPSBOV03540 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-0493, CVE-2007-0494, CVE-2008-0122, CVE-2009-4022, CVE-2010-0097, CVE-2012-1667, CVE-2012-4244, CVE-2012-5166
SHA-256 | 172ff73cf346da8d896484da1bbb74a962da41e89f917e23789840d3a1898675
Apple Security Advisory 2011-10-12-3
Posted Oct 13, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-12-3 - OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.

tags | advisory, arbitrary, code execution
systems | apple, osx
advisories | CVE-2009-4022, CVE-2010-0097, CVE-2010-1157, CVE-2010-1634, CVE-2010-2089, CVE-2010-2227, CVE-2010-3436, CVE-2010-3613, CVE-2010-3614, CVE-2010-3718, CVE-2010-4172, CVE-2010-4645, CVE-2011-0013, CVE-2011-0185, CVE-2011-0187, CVE-2011-0224, CVE-2011-0226, CVE-2011-0229, CVE-2011-0230, CVE-2011-0231, CVE-2011-0249, CVE-2011-0250, CVE-2011-0251, CVE-2011-0252, CVE-2011-0259, CVE-2011-0260, CVE-2011-0411, CVE-2011-0419
SHA-256 | 4d539896720bca2e48b218929a6c10484c83d72ac4b634adbd7f33f680f59ede
Debian Linux Security Advisory 2054-2
Posted Jun 16, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2054-2 - This update restores the PID file location for bind to the location before the last security update. Several cache-poisoning vulnerabilities have been discovered in BIND. These vulnerabilities are apply only if DNSSEC validation is enabled and trust anchors have been installed, which is not the default.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-0097, CVE-2010-0290, CVE-2010-0382
SHA-256 | 641008a7bc8797a719b9c5b286467557338f36a004d245409d2fafcdeac55ac7
Debian Linux Security Advisory 2054-1
Posted Jun 4, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2054-1 - Several cache-poisoning vulnerabilities have been discovered in BIND. These vulnerabilities are apply only if DNSSEC validation is enabled and trust anchors have been installed, which is not the default.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-0097, CVE-2010-0290, CVE-2010-0382
SHA-256 | 3f735c4833aeac702aa70117b4ee33364894fa1b8bd7021809591297abc6b061
Gentoo Linux Security Advisory 201006-11
Posted Jun 3, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-11 - Several cache poisoning vulnerabilities have been found in BIND. Multiple cache poisoning vulnerabilities were discovered in BIND. Versions less than 9.4.3_p5 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2009-4022, CVE-2010-0097, CVE-2010-0290, CVE-2010-0382
SHA-256 | e8507ae0312f6e16b9fc87551331eaa59be119931581a9defa718586c4ca5f8f
HP Security Bulletin HPSBUX02519 SSRT100004
Posted Apr 23, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to compromise NXDOMAIN responses.

tags | advisory
systems | hpux
advisories | CVE-2010-0097
SHA-256 | d03982ac2141e026ae5c4fa8a8d330401938cdd6c8f1b1aaa1675e69b1370a0c
Mandriva Linux Security Advisory 2010-021
Posted Jan 21, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-021 - The original fix for was found to be incomplete. BIND was incorrectly caching certain responses without performing proper DNSSEC validation. CNAME and DNAME records could be cached, without proper DNSSEC validation, when received from processing recursive client queries that requested DNSSEC records but indicated that checking should be disabled. A remote attacker could use this flaw to bypass the DNSSEC validation check and perform a cache poisoning attack if the target BIND server was receiving such client queries. There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly, so that future queries to the resolver would return the bogus NXDOMAIN with the AD flag set. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally BIND has been upgraded to the latest patch release version.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-4022, CVE-2010-0097, CVE-2010-0290
SHA-256 | fde9ce451295f0fdc7dc688f5f0672ee2a2653ca75f5f9708eab123dfd58073c
Ubuntu Security Notice 888-1
Posted Jan 21, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 888-1 - It was discovered that Bind would incorrectly cache bogus NXDOMAIN responses. When DNSSEC validation is in use, a remote attacker could exploit this to cause a denial of service, and possibly poison DNS caches. USN-865-1 provided updated Bind packages to fix a security vulnerability. The upstream security patch to fix CVE-2009-4022 was incomplete and CVE-2010-0290 was assigned to the issue. This update corrects the problem. Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.

tags | advisory, remote, web, denial of service, spoof
systems | linux, ubuntu
advisories | CVE-2009-4022, CVE-2010-0097, CVE-2010-0290
SHA-256 | 0cfe920e44dece7a866b45de4a885c3fdd90cec12f9a05bff742df28193d5751
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close