DEPRECATED: Code

CVE-2015-4620

High

7.8/10

Summary

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: COMPLETE

CWE-17 - DEPRECATED: Code

This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

References

Advisory Timeline

Published Jul 08, 2015

DEPRECATED: Code

CVE-2015-4620

Summary

CWE-17 - DEPRECATED: Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS