Executive Summary

Informations
NameCVE-2010-0097First vendor Publication2010-01-22
VendorCveLast vendor Modification2017-09-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9357
 
Oval ID: oval:org.mitre.oval:def:9357
Title: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Description: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0097
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7430
 
Oval ID: oval:org.mitre.oval:def:7430
Title: A vulnerability in the way named(1M) handles recursive client queries may allow a remote unprivileged user to cause named(1M) to return NXDOMAIN (Non-Existent Domain) for Internet hosts thus causing a Denial of Service (DoS) for those hosts to end users
Description: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0097
Version: 3
Platform(s): Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7212
 
Oval ID: oval:org.mitre.oval:def:7212
Title: ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
Description: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0097
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20476
 
Oval ID: oval:org.mitre.oval:def:20476
Title: Multiple vulnerabilities in AIX BIND
Description: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0097
Version: 6
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12205
 
Oval ID: oval:org.mitre.oval:def:12205
Title: HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses.
Description: ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0097
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application189

OpenVAS Exploits

DateDescription
2012-04-16Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-10-20Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-08-09Name : CentOS Update for bind CESA-2010:0062 centos5 i386
File : nvt/gb_CESA-2010_0062_bind_centos5_i386.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-11 (BIND)
File : nvt/glsa_201006_11.nasl
2010-07-06Name : Debian Security Advisory DSA 2054-2 (bind9)
File : nvt/deb_2054_2.nasl
2010-06-10Name : Debian Security Advisory DSA 2054-1 (bind9)
File : nvt/deb_2054_1.nasl
2010-04-30Name : HP-UX Update for BIND HPSBUX02519
File : nvt/gb_hp_ux_HPSBUX02519.nasl
2010-03-02Name : Fedora Update for bind FEDORA-2010-0861
File : nvt/gb_fedora_2010_0861_bind_fc11.nasl
2010-03-02Name : Fedora Update for bind FEDORA-2010-0868
File : nvt/gb_fedora_2010_0868_bind_fc12.nasl
2010-01-29Name : SuSE Update for acroread SUSE-SA:2010:008
File : nvt/gb_suse_2010_008.nasl
2010-01-25Name : RedHat Update for bind RHSA-2010:0062-02
File : nvt/gb_RHSA-2010_0062-02_bind.nasl
2010-01-22Name : Mandriva Update for bind MDVSA-2010:021 (bind)
File : nvt/gb_mandriva_MDVSA_2010_021.nasl
2010-01-22Name : Ubuntu Update for bind9 vulnerabilities USN-888-1
File : nvt/gb_ubuntu_USN_888_1.nasl
2010-01-20Name : ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
File : nvt/bind_37865.nasl
0000-00-00Name : Slackware Advisory SSA:2010-176-01 bind
File : nvt/esoft_slk_ssa_2010_176_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
61853ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning

Nessus® Vulnerability Scanner

DateDescription
2017-04-21Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2016-03-08Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2015-07-31Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL17025.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0062.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV09491.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV09978.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV10049.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV11742.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV11743.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IV11744.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100120_bind_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-10-13Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO
2011-05-28Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-176-01.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-0861.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-0868.nasl - Type : ACT_GATHER_INFO
2010-06-08Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2054.nasl - Type : ACT_GATHER_INFO
2010-06-02Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201006-11.nasl - Type : ACT_GATHER_INFO
2010-06-01Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-01-26Name : The remote openSUSE host is missing a security update.
File : suse_11_1_bind-100121.nasl - Type : ACT_GATHER_INFO
2010-01-26Name : The remote openSUSE host is missing a security update.
File : suse_11_0_bind-100121.nasl - Type : ACT_GATHER_INFO
2010-01-26Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_bind-100121.nasl - Type : ACT_GATHER_INFO
2010-01-26Name : The remote openSUSE host is missing a security update.
File : suse_11_2_bind-100121.nasl - Type : ACT_GATHER_INFO
2010-01-22Name : The remote name server is affected by a cache poisoning vulnerability.
File : bind9_bogus_nxdomain_caching.nasl - Type : ACT_GATHER_INFO
2010-01-21Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0062.nasl - Type : ACT_GATHER_INFO
2010-01-21Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-021.nasl - Type : ACT_GATHER_INFO
2010-01-21Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-888-1.nasl - Type : ACT_GATHER_INFO
2010-01-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0062.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
APPLE http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
BID http://www.securityfocus.com/bid/37865
CERT-VN http://www.kb.cert.org/vuls/id/360341
CONFIRM ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt
http://support.apple.com/kb/HT5002
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
https://bugzilla.redhat.com/show_bug.cgi?id=554851
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://www.isc.org/advisories/CVE-2010-0097
DEBIAN http://www.debian.org/security/2010/dsa-2054
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034196...
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034202...
HP http://marc.info/?l=bugtraq&m=127195582210247&w=2
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:021
REDHAT https://rhn.redhat.com/errata/RHSA-2010-0062.html
https://rhn.redhat.com/errata/RHSA-2010-0095.html
SECTRACK http://securitytracker.com/id?1023474
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021798.1-1
SUSE http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
UBUNTU http://www.ubuntu.com/usn/USN-888-1
VUPEN http://www.vupen.com/english/advisories/2010/0176
http://www.vupen.com/english/advisories/2010/0622
http://www.vupen.com/english/advisories/2010/0981
http://www.vupen.com/english/advisories/2010/1352
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/55753

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
DateInformations
2017-09-19 09:23:35
  • Multiple Updates
2017-08-17 09:22:53
  • Multiple Updates
2017-04-22 13:25:52
  • Multiple Updates
2016-12-07 09:24:10
  • Multiple Updates
2016-08-20 09:22:28
  • Multiple Updates
2016-06-28 17:59:38
  • Multiple Updates
2016-04-04 21:25:24
  • Multiple Updates
2016-03-09 13:25:54
  • Multiple Updates
2015-08-12 13:32:51
  • Multiple Updates
2014-02-17 10:53:12
  • Multiple Updates
2013-05-10 23:16:02
  • Multiple Updates