Vulnerability Details CVE-2010-3615
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.092
EPSS Ranking 92.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
- http://osvdb.org/69568
- http://secunia.com/advisories/42458
- http://secunia.com/advisories/42671
- http://securitytracker.com/id?1024817
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
- http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
- http://www.isc.org/software/bind/advisories/cve-2010-3615
- http://www.kb.cert.org/vuls/id/510208
- http://www.securityfocus.com/bid/45134
- http://www.vupen.com/english/advisories/2010/3102
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
- http://osvdb.org/69568
- http://secunia.com/advisories/42458
- http://secunia.com/advisories/42671
- http://securitytracker.com/id?1024817
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
- http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
- http://www.isc.org/software/bind/advisories/cve-2010-3615
- http://www.kb.cert.org/vuls/id/510208
- http://www.securityfocus.com/bid/45134
- http://www.vupen.com/english/advisories/2010/3102