- Description
- resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20B4B4DA-5780-4D04-8A2B-371C06A470CE"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDCC8861-0655-4180-A083-1516AC441A3C"
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2"
}
],
"operator": "OR"
}
]
}
]