CVE-2010-3615
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
06/12/2010
Last modified:
11/04/2025
Description
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
- http://osvdb.org/69568
- http://secunia.com/advisories/42458
- http://secunia.com/advisories/42671
- http://securitytracker.com/id?1024817=
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
- http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
- http://www.isc.org/software/bind/advisories/cve-2010-3615
- http://www.kb.cert.org/vuls/id/510208
- http://www.securityfocus.com/bid/45134
- http://www.vupen.com/english/advisories/2010/3102
- http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051963.html
- http://osvdb.org/69568
- http://secunia.com/advisories/42458
- http://secunia.com/advisories/42671
- http://securitytracker.com/id?1024817=
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.622190
- http://www.isc.org/announcement/guidance-regarding-dec-1st-2010-security-advisories
- http://www.isc.org/software/bind/advisories/cve-2010-3615
- http://www.kb.cert.org/vuls/id/510208
- http://www.securityfocus.com/bid/45134
- http://www.vupen.com/english/advisories/2010/3102