CVE-2006-0987 — Bind vulnerability
7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
36.9%
top 2.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedMar 3
Latest updateMay 1
Description
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Patches
🔴Vulnerability Details
3📋Vendor Advisories
2💬Community
1Bugzilla▶
CVE-2006-0987 bind: DDoS (traffic amplification) via DNS queries with spoofed IP addresses due to additional information delegation to arbitrary IP addresses↗2012-11-06