Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-2925
Modified
More InfoOfficial Page
Source-cret@cert.org
View Known Exploited Vulnerability (KEV) details
Published At-24 Jul, 2007 | 17:30
Updated At-30 Oct, 2018 | 16:27

The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Type: Primary
Version: 2.0
Base score: 5.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N
CPE Matches
Internet Systems Consortium, Inc.
isc
>>bind>>9.4.0
cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>bind>>9.4.1
cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*
Internet Systems Consortium, Inc.
isc
>>bind>>9.5.0
cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-07-26T00:00:00

Not vulnerable. This issu did not affect the versions of bind as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References
HyperlinkSourceResource
http://secunia.com/advisories/26227cret@cert.org
N/A
http://secunia.com/advisories/26236cret@cert.org
N/A
http://secunia.com/advisories/26509cret@cert.org
N/A
http://secunia.com/advisories/26515cret@cert.org
N/A
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903cret@cert.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xmlcret@cert.org
N/A
http://www.isc.org/index.pl?/sw/bind/bind-security.phpcret@cert.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149cret@cert.org
N/A
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.htmlcret@cert.org
N/A
http://www.securityfocus.com/bid/25076cret@cert.org
N/A
http://www.securitytracker.com/id?1018441cret@cert.org
N/A
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385cret@cert.org
N/A
http://www.vupen.com/english/advisories/2007/2628cret@cert.org
N/A
http://www.vupen.com/english/advisories/2007/2914cret@cert.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/35571cret@cert.org
N/A
Hyperlink: http://secunia.com/advisories/26227
Source: cret@cert.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26236
Source: cret@cert.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26509
Source: cret@cert.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26515
Source: cret@cert.org
Resource: N/A
Hyperlink: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.isc.org/index.pl?/sw/bind/bind-security.php
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:149
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25076
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1018441
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2628
Source: cret@cert.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/2914
Source: cret@cert.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/35571
Source: cret@cert.org
Resource: N/A
Change History
0Changes found
Details not found