CVE-2010-3614

CVE Details

Release Date:2010-12-06

Description


named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.

See more information about CVE-2010-3614 from MITRE CVE dictionary and NIST NVD


CVSS v2.0 metrics


NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.

Base Score: 6.4 Base Metrics: AV:N/AC:L/Au:N/C:N/I:P/A:P
Access Vector: Network Attack Complexity: Low
Authentication: None required Confidentiality Impact: None
Integrity Impact: Partial Availability Impact: Partial

Errata information


PlatformErrataRelease Date
Oracle Linux version 5 (bind)ELSA-2010-09762010-12-13
Oracle Linux version 6 (bind)ELSA-2010-09752011-02-10



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete