Executive Summary
Summary | |
---|---|
Title | ISC BIND does not correctly set default access controls |
Information | |||
---|---|---|---|
Name | VU#187297 | First vendor Publication | 2007-07-27 |
Vendor | VU-CERT | Last vendor Modification | 2007-08-08 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 5.8 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Vulnerability Note VU#187297
ISC BIND does not correctly set default access controls

Overview
ISC (Internet Systems Consortium) BIND fails to properly set default access control lists. This may allow unauthorized users to make recursive queries and query the cache.

I. Description
From the ISC BIND security page:

    The default access control lists (acls) are not being correctly set. If not set anyone can make recursive queries and/or query the cache contents.

Note that the BIND advisory lists BIND 9.4.0, 9.4.1, 9.5.0a1, 9.5.0a2, 9.5.0a3, 9.5.0a4, and 9.5.0a5 as the versions affected.

II. Impact
A remote, unauthenticated attacker may be able to cause a vulnerable DNS server to perform recursion. This could be used to perform denial-of-service attacks. An attacker may also be able to query the cache.

III. Solution
Upgrade or Patch
This issue is addressed in ISC BIND 9.2.8-P1, BIND 9.3.4-P1, BIND 9.4.1-P1 or BIND 9.5.0a6. Users who obtain BIND from their operating system vendor should see the systems affected portion of this document for a partial list of affected vendors.
Systems Affected
References
Thanks to ISC for information that was used in this report. This document was written by Ryan Giobbi.
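The ISC wording quoted above ("If not set ...") ties the exposure to two conditions: an affected version, and ACLs left to the defaults. The following audit sketch checks both; it is an added example, not code from CERT or ISC. The function names and sample configs are constructed for illustration, and it inspects only the global options block, so ACLs set per view are not seen and are reported as implicit.

```python
import re

# Versions the advisory text above lists as affected (exact match, so -P1 builds are excluded).
AFFECTED = {"9.4.0", "9.4.1", "9.5.0a1", "9.5.0a2", "9.5.0a3", "9.5.0a4", "9.5.0a5"}
# Option names taken from the OSVDB entry on this page.
ACL_OPTIONS = ("allow-recursion", "allow-query-cache")

# Constructed sample configs, not taken from any real server.
SAMPLE_IMPLICIT = """
options {
    directory "/var/named";
    // allow-recursion { localnets; };
};
"""
SAMPLE_EXPLICIT = """
options {
    directory "/var/named";
    allow-recursion { localnets; localhost; };
    allow-query-cache { localnets; localhost; };
};
"""

def strip_comments(conf):
    """Drop /* */, // and # comments so a commented-out ACL is not counted."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#).*", "", conf)

def options_block(conf):
    """Return the body of the global options { ... } block, matching nested braces."""
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return conf[m.end():]

def audit(version, conf):
    """Flag an affected version whose ACLs are left to the (incorrect) defaults."""
    body = options_block(strip_comments(conf))
    implicit = [o for o in ACL_OPTIONS
                if not re.search(r"(?<![\w-])" + re.escape(o) + r"\s*\{", body)]
    affected = version in AFFECTED
    return {"affected": affected, "implicit_acls": implicit,
            "at_risk": affected and bool(implicit)}

if __name__ == "__main__":
    for name, conf in (("implicit", SAMPLE_IMPLICIT), ("explicit", SAMPLE_EXPLICIT)):
        print(name, audit("9.4.1", conf))
```

A host flagged `at_risk` still needs the upgrade listed under Solution; the explicit ACLs only remove the dependence on the defaults.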
Original Source
Url : http://www.kb.cert.org/vuls/id/187297 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for bind MDKSA-2007:149 (bind) File : nvt/gb_mandriva_MDKSA_2007_149.nasl |
2009-02-27 | Name : Fedora Update for bind FEDORA-2007-1247 File : nvt/gb_fedora_2007_1247_bind_fc7.nasl |
2009-02-27 | Name : Fedora Update for bind FEDORA-2007-4658 File : nvt/gb_fedora_2007_4658_bind_fc7.nasl |
2009-02-17 | Name : Fedora Update for bind FEDORA-2008-0904 File : nvt/gb_fedora_2008_0904_bind_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200708-13 (bind) File : nvt/glsa_200708_13.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-207-01 bind File : nvt/esoft_slk_ssa_2007_207_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36236 | ISC BIND allow-query-cache/allow-recursion ACL Bypass |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-04-21 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO |
2011-05-28 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-207-01.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1247.nasl - Type : ACT_GATHER_INFO |
2007-08-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200708-13.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-149.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2016-04-26 13:55:27 |