CVE Vulnerabilities

CVE-2003-0914

Published: Dec 15, 2003 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Affected Software

Name Vendor Start Version End Version
Bind Isc 8.2.3 8.2.3
Bind Isc 8.2.4 8.2.4
Bind Isc 8.2.5 8.2.5
Bind Isc 8.2.6 8.2.6
Bind Isc 8.2.7 8.2.7
Bind Isc 8.3.0 8.3.0
Bind Isc 8.3.1 8.3.1
Bind Isc 8.3.2 8.3.2
Bind Isc 8.3.3 8.3.3
Bind Isc 8.3.4 8.3.4
Bind Isc 8.3.5 8.3.5
Bind Isc 8.3.6 8.3.6
Bind Isc 8.4 8.4
Bind Isc 8.4.1 8.4.1
Namesurfer Nixu standard_3.0.1 standard_3.0.1
Namesurfer Nixu suite_3.0.1 suite_3.0.1

References