Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2003-0914

Published: 15/12/2003 Updated: 30/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Isc

Vulnerability Summary

ISC BIND 8.3.x prior to 8.3.7, and 8.4.x prior to 8.4.3, allows remote malicious users to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Vulnerable Product Search on Vulmon Subscribe to Product

isc bind 8.2.3

isc bind 8.3.2

isc bind 8.3.3

nixu namesurfer suite_3.0.1

isc bind 8.2.4

isc bind 8.2.5

isc bind 8.3.4

isc bind 8.3.5

isc bind 8.3.0

isc bind 8.3.1

isc bind 8.4.1

nixu namesurfer standard_3.0.1

isc bind 8.2.6

isc bind 8.2.7

isc bind 8.3.6

isc bind 8.4

compaq tru64 5.1

compaq tru64 5.1_pk3_bl17

compaq tru64 5.1a_pk3_bl3

compaq tru64 5.1a_pk4_bl21

freebsd freebsd 4.6

freebsd freebsd 4.6.2

netbsd netbsd 1.6

netbsd netbsd 1.6.1

sun solaris 9.0

compaq tru64 4.0f

compaq tru64 4.0f_pk6_bl17

compaq tru64 5.1_pk4_bl18

compaq tru64 5.1_pk5_bl19

compaq tru64 5.1a_pk5_bl23

compaq tru64 5.1b

freebsd freebsd 4.7

freebsd freebsd 4.8

netbsd netbsd current

sco unixware 7.1.1

compaq tru64 4.0g

compaq tru64 4.0g_pk3_bl17

compaq tru64 4.0g_pk4_bl22

compaq tru64 5.1a_pk1_bl1

compaq tru64 5.1a_pk2_bl2

freebsd freebsd 4.4

freebsd freebsd 4.5

hp hp-ux 11.11

ibm aix 5.1l

sun sunos 5.8

sun solaris 8.0

compaq tru64 4.0f_pk7_bl18

compaq tru64 4.0f_pk8_bl22

compaq tru64 5.1_pk6_bl20

compaq tru64 5.1a

compaq tru64 5.1b_pk1_bl1

compaq tru64 5.1b_pk2_bl22

freebsd freebsd 4.9

freebsd freebsd 5.0

hp hp-ux 11.00

sun sunos 5.7

sun solaris 7.0

Vendor Advisories

Debian Security Advisories: DSA-409-1 bind -- denial of service
A vulnerability was discovered in BIND, a domain name server, whereby a malicious name server could return authoritative negative responses with a large TTL (time-to-live) value, thereby rendering a domain name unreachable A successful attack would require that a vulnerable BIND instance submit a query to a malicious nameserver The bind9 package ...

References

NVD-CWE-Otherhttp://www.kb.cert.org/vuls/id/734644http://www.debian.org/security/2004/dsa-409http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txtftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txtftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txthttp://secunia.com/advisories/10542https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011https://nvd.nist.govhttps://www.debian.org/security/./dsa-409https://www.kb.cert.org/vuls/id/734644
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook