CVE-2010-3613

Name of the Vulnerable Software and Affected Versions Debian GNU/Linux (affected versions not specified) ISC BIND versions 9.6.2 through 9.6.2-P3 ISC BIND versions 9.6-ESV through 9.6-ESV-R3 ISC BIND versions 9.7.x through 9.7.2-P3

Description The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libisccc50, lwresd, libisccfg50, liblwres50, and libdns58, which can lead to disruption of data integrity and availability. These vulnerabilities can be exploited remotely. Additionally, a specific vulnerability in ISC BIND 9 allows remote attackers to cause a denial of service (daemon crash) by querying cached data that combines signed negative responses and corresponding RRSIG records.

Recommendations For ISC BIND 9.6.2, update to version 9.6.2-P3 or later. For ISC BIND 9.6-ESV, update to version 9.6-ESV-R3 or later. For ISC BIND 9.7.x, update to version 9.7.2-P3 or later. At the moment, there is no information about a newer version that contains a fix for the vulnerabilities in the Debian GNU/Linux packages.