CVE-2010-3615
published 2010-12-06CVE-2010-3615: named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for…
medium5CVSS 3.1
AVNACLAuNCPINAN
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | < bind9 1:9.7.2.dfsg.P3-1 (bookworm) | bind9 1:9.7.2.dfsg.P3-1 (bookworm) |
| isc | bind | — | — |
| isc | bind9 | >= 0 < 1:9.7.2.dfsg.P3-1 | 1:9.7.2.dfsg.P3-1 |
| isc | bind9 | >= 0 < 1:9.7.2.dfsg.P3-1 | 1:9.7.2.dfsg.P3-1 |
| isc | bind9 | >= 0 < 1:9.7.2.dfsg.P3-1 | 1:9.7.2.dfsg.P3-1 |
| isc | bind9 | >= 0 < 1:9.7.2.dfsg.P3-1 | 1:9.7.2.dfsg.P3-1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM