Wind River Support Network

HomeDefectsLIN4-28104
Fixed

LIN4-28104 : Security Advisory - BIND - CVE-2010-0097

Created: Feb 4, 2010    Updated: May 18, 2015
Resolved Date: Sep 12, 2010
Previous ID: LIN2-12373
Found In Version: 4.0
Fix Version: 4.0
Severity: Severe
Applicable for: Wind River Linux 4
Component/s: Userspace

Description

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0097

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online