CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0591

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.435

EPSS Ranking 97.4%

CVSS Severity

CVSS v2 Score 2.6

References

Products affected by CVE-2014-0591

Isc » Bind » Version: 9.6

cpe:2.3:a:isc:bind:9.6
Isc » Bind » Version: 9.6.0

cpe:2.3:a:isc:bind:9.6.0
Isc » Bind » Version: 9.6.1

cpe:2.3:a:isc:bind:9.6.1
Isc » Bind » Version: 9.6.2

cpe:2.3:a:isc:bind:9.6.2
Isc » Bind » Version: 9.6.3

cpe:2.3:a:isc:bind:9.6.3
Isc » Bind » Version: 9.7.0

cpe:2.3:a:isc:bind:9.7.0
Isc » Bind » Version: 9.7.1

cpe:2.3:a:isc:bind:9.7.1
Isc » Bind » Version: 9.7.2

cpe:2.3:a:isc:bind:9.7.2
Isc » Bind » Version: 9.7.3

cpe:2.3:a:isc:bind:9.7.3
Isc » Bind » Version: 9.7.4

cpe:2.3:a:isc:bind:9.7.4
Isc » Bind » Version: 9.7.5

cpe:2.3:a:isc:bind:9.7.5
Isc » Bind » Version: 9.7.6

cpe:2.3:a:isc:bind:9.7.6
Isc » Bind » Version: 9.7.7

cpe:2.3:a:isc:bind:9.7.7
Isc » Bind » Version: 9.8.0

cpe:2.3:a:isc:bind:9.8.0
Isc » Bind » Version: 9.8.1

cpe:2.3:a:isc:bind:9.8.1
Isc » Bind » Version: 9.8.2

cpe:2.3:a:isc:bind:9.8.2
Isc » Bind » Version: 9.8.3

cpe:2.3:a:isc:bind:9.8.3
Isc » Bind » Version: 9.8.4

cpe:2.3:a:isc:bind:9.8.4
Isc » Bind » Version: 9.8.5

cpe:2.3:a:isc:bind:9.8.5
Isc » Bind » Version: 9.8.6

cpe:2.3:a:isc:bind:9.8.6
Isc » Bind » Version: 9.9.4

cpe:2.3:a:isc:bind:9.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0591

Products

Pricing

Contact Us