CVE-2007-2241

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.

References

http://osvdb.org/34748

http://secunia.com/advisories/25070

http://www.isc.org/index.pl?/sw/bind/bind-security.php

http://www.kb.cert.org/vuls/id/718460

http://www.mandriva.com/security/advisories?name=MDKSA-2007:100

http://www.securityfocus.com/bid/23738

http://www.securitytracker.com/id?1017985

http://www.vupen.com/english/advisories/2007/1593

https://exchange.xforce.ibmcloud.com/vulnerabilities/33988

Details

Source: MITRE

Published: 2007-05-02

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
147379NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2021-0017)NessusNewStart CGSL Local Security Checks
critical
137170OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)NessusOracleVM Local Security Checks
high
99569OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)NessusOracleVM Local Security Checks
high
37907Mandrake Linux Security Advisory : bind (MDKSA-2007:100)NessusMandriva Local Security Checks
high
27657Fedora 7 : bind-9.4.1-4.fc7 (2007-0300)NessusFedora Local Security Checks
high
3978ISC BIND 9 'query.c' Function Unspecified Recursive Query DoSNessus Network MonitorDNS Servers
medium
25121ISC BIND < 9.4.1 / 9.5.0a4 query.c query_addsoa Function Recursive Query DoSNessusDNS
high