CVE-2007-2925

ISC BIND <9.5.0a6 - Info Disclosure

Title source: llm
STIX 2.1

Description

The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

References (15)

Core 15
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25076
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2914
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018441
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2628
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26509
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35571
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml
Various Sources x_refsource_confirm
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26227
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26515
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26236
Vendor Advisory vendor-advisory x_refsource_openpkg
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html

Scores

EPSS 0.0221
EPSS Percentile 84.7%

Details

Status published
Products (3)
isc/bind 9.4.0
isc/bind 9.4.1
isc/bind 9.5.0
Published Jul 24, 2007
Tracked Since Feb 18, 2026