CVE-2010-0290

Name of the Vulnerable Software and Affected Versions ISC BIND versions 9.0.x through 9.3.x ISC BIND versions 9.4 before 9.4.3-P5 ISC BIND versions 9.5 before 9.5.2-P2 ISC BIND versions 9.6 before 9.6.1-P3 ISC BIND version 9.7.0 beta

Description The issue allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains CNAME or DNAME records, which do not have the intended validation before caching. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out remotely.

Recommendations For ISC BIND versions 9.0.x through 9.3.x, update to a version with the complete fix for the issue. For ISC BIND versions 9.4 before 9.4.3-P5, update to version 9.4.3-P5 or later. For ISC BIND versions 9.5 before 9.5.2-P2, update to version 9.5.2-P2 or later. For ISC BIND versions 9.6 before 9.6.1-P3, update to version 9.6.1-P3 or later. For ISC BIND version 9.7.0 beta, consider disabling DNSSEC validation until a fixed version is available.