CVE-2010-3613

{"id": "CVE-2010-3613", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-12-06T13:44:54.033", "references": [{"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc", "source": "cret@cert.org"}, {"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "source": "cret@cert.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051910.html", "source": "cret@cert.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html", "source": "cret@cert.org"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", "source": "cret@cert.org"}, {"url": "http://marc.info/?l=bugtraq&m=130270720601677&w=2", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/42374", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/42459", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/42522", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/42671", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/42707", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/43141", "source": "cret@cert.org"}, {"url": "http://securitytracker.com/id?1024817", "source": "cret@cert.org"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190", "source": "cret@cert.org"}, {"url": "http://support.apple.com/kb/HT5002", "source": "cret@cert.org"}, {"url": "http://support.avaya.com/css/P8/documents/100124923", "source": "cret@cert.org"}, {"url": "http://www.debian.org/security/2010/dsa-2130", "source": "cret@cert.org"}, {"url": "http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories", "source": "cret@cert.org"}, {"url": "http://www.isc.org/software/bind/advisories/cve-2010-3613", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/706148", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:253", "source": "cret@cert.org"}, {"url": "http://www.osvdb.org/69558", "source": "cret@cert.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0975.html", "source": "cret@cert.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0976.html", "source": "cret@cert.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-1000.html", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/45133", "source": "cret@cert.org"}, {"url": "http://www.ubuntu.com/usn/USN-1025-1", "source": "cret@cert.org"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3102", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3103", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3138", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3139", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2010/3140", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0267", "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0606", "source": "cret@cert.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12601", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data."}, {"lang": "es", "value": "named en ISC BIND 9.6.2 anteriores a 9.6.2-P3, 9.6-ESV anteriores a 9.6-ESV-R3, y 9.7.x anteriores a 9.7.2-P3 no maneja apropiadamente la combinaci\u00f3n de respuestas negativas firmadas y los correspondientes registros RRSIG en la cach\u00e9. Lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de una petici\u00f3n de datos de la cach\u00e9."}], "lastModified": "2018-10-10T20:04:51.650", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:9.6:*:*:*:esv:*:*:*", "vulnerable": true, "matchCriteriaId": "6C8BE53C-2A4A-4959-AA97-5ABC04CC0E72"}, {"criteria": "cpe:2.3:a:isc:bind:9.6:r1:*:*:esv:*:*:*", "vulnerable": true, "matchCriteriaId": "2677A691-12FF-40D9-90FD-772CE3C5A9B6"}, {"criteria": "cpe:2.3:a:isc:bind:9.6:r2:*:*:esv:*:*:*", "vulnerable": true, "matchCriteriaId": "D8A7089F-C797-4024-AFC1-E0E6458DE848"}, {"criteria": "cpe:2.3:a:isc:bind:9.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EC25639-482D-4574-B43B-497DDD8998B2"}, {"criteria": "cpe:2.3:a:isc:bind:9.6.2:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1B514E2-DC9A-4D6D-8D55-908A066872E6"}, {"criteria": "cpe:2.3:a:isc:bind:9.6.2:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E8097FD-5728-4C2F-9DD8-8C8F0FB0E00B"}, {"criteria": "cpe:2.3:a:isc:bind:9.6.2:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E0E3C04-D9DA-4D41-84CB-56874F8807FD"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B178BB5-A0DC-4014-A8CC-D89B0E2F9789"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:a1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1922EC10-F75A-41A5-B8AF-CDDCAA07A8B2"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:a2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D243C684-DD10-4F84-8806-A5E9BEBC3204"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:a3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0FC1DDA-B027-47C2-93CD-67013CB56388"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BE753CB-A16D-4605-8640-137CD4A2BB16"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:b2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037075F9-53E3-4DF6-B5C0-A6D1F5B60E6B"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:b3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "886DF882-E3F9-46E9-BC62-0A48292654D3"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B5F1155-78D6-480B-BC0A-1D36B08D2594"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A11247D0-A33E-4CE5-910A-F38B89C63EC0"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9478F4E-451D-4B4E-8054-E09522F97C59"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87393BF8-9FE3-4501-94CA-A1AA9E38E771"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC642B5-ACA4-4764-A9F2-3C87D5D8E9E0"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.1:b1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BD7DAD0-A750-48B1-A354-BB369BAE1C19"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A16CE093-38E0-4274-AD53-B807DE72AF91"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FB97DEB-A0A4-458C-A94B-46B7264AB0F1"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFDF6597-7131-4080-BCFC-46032138646C"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "881B8C5B-8A66-45AC-85E6-758B8A8153BF"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E2D144E-6A15-4B45-8B15-15B60FB33D71"}, {"criteria": "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5690EC8-66C9-4316-BEAB-C218843F7FCC"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}