CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
85.1%
libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options,
which allows remote attackers to cause a denial of service (REQUIRE
assertion failure and daemon exit) via a crafted packet, as demonstrated by
an attack against named, dig, or delv.
Author | Note |
---|---|
mdeslaur | only affected 9.10+ |