Vulnerability Note VU#837744
ISC BIND named validator vulnerability
ISC BIND named contains a vulnerability where under certain situations it could incorrectly mark zone data as insecure.
According to ISC:
named, acting as a DNSSEC validator, was determining if an NS RRset is insecure based on a value that could mean either that the RRset is actually insecure or that there wasn't a matching key for the RRSIG in the DNSKEY RRset when resuming from validating the DNSKEY RRset.
Answers are marked incorrectly as insecure.
Apply an update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Internet Systems Consortium||Affected||-||01 Dec 2010|
CVSS Metrics (Learn More)
Thanks to Internet Systems Consortium for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2010-3614
- Date Public: 01 Dec 2010
- Date First Published: 01 Dec 2010
- Date Last Updated: 01 Dec 2010
- Severity Metric: 7.65
- Document Revision: 17
If you have feedback, comments, or additional information about this vulnerability, please send us email.