CVE-2010-0213

BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:N/I:N/A:P
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
iscbind
9.7.1
iscbind
9.7.1:p1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bind9
bullseye
1:9.16.50-1~deb11u2
fixed
lenny
not-affected
bullseye (security)
1:9.16.50-1~deb11u1
fixed
bookworm
1:9.18.28-1~deb12u2
fixed
bookworm (security)
1:9.18.28-1~deb12u2
fixed
sid
1:9.20.2-1
fixed
trixie
1:9.20.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bind9
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
not-affected
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044445.html
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
http://secunia.com/advisories/40652
http://secunia.com/advisories/40709
http://www.isc.org/software/bind/advisories/cve-2010-0213
http://www.kb.cert.org/vuls/id/211905
http://www.securityfocus.com/bid/41730
http://www.securitytracker.com/id?1024217
http://www.vupen.com/english/advisories/2010/1884
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044445.html
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html
http://secunia.com/advisories/40652
http://secunia.com/advisories/40709
http://www.isc.org/software/bind/advisories/cve-2010-0213
http://www.kb.cert.org/vuls/id/211905
http://www.securityfocus.com/bid/41730
http://www.securitytracker.com/id?1024217
http://www.vupen.com/english/advisories/2010/1884