CVE-2010-0218
ISC BIND 9.7.2-9.7.2-P1 - Unauthenticated Cache Snooping via RD Queries
Title source: llmDescription
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
References (3)
Core 3
Core References
Vendor Advisory mailing-list
x_refsource_mlist
https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
Patch x_refsource_confirm
http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/784855
Scores
EPSS
0.0211
EPSS Percentile
84.3%
Details
CWE
CWE-264
Status
published
Products (1)
isc/bind
9.7.2 (2 CPE variants)
Published
Oct 05, 2010
Tracked Since
Feb 18, 2026