CVE-2010-0218

Published: Oct 5, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.

Affected (2)

Products: Isc: Bind

Isc

1 product

Bind

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Isc Bind	Version 9.7.2
Isc Bind	Version 9.7.2 p1

Related CWEs

CWE-264

References (6)

http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html

Source: cret@cert.org

Patch

http://www.kb.cert.org/vuls/id/784855

Source: cret@cert.org

US Government Resource

https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html

Source: cret@cert.org

Vendor Advisory

http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.kb.cert.org/vuls/id/784855

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.