Oval Definition:oval:org.opensuse.security:def:20100290
Revision Date:2022-05-20Version:1
Title:CVE-2010-0290
Description:

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-0290
Mitre CVE-2010-0290
SUSE CVE-2010-0290
SUSE-SA:2010:008
SUSE-SA:2010:008
Platform(s):openSUSE 11.0
openSUSE 11.1
openSUSE 11.2
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server for SAP Applications 11
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • bind-9.5.0P2-20.7 is installed
  • OR bind-chrootenv-9.5.0P2-20.7 is installed
  • OR bind-doc-9.5.0P2-20.7 is installed
  • OR bind-libs-9.5.0P2-20.7 is installed
  • OR bind-libs-32bit-9.5.0P2-20.7 is installed
  • OR bind-libs-x86-9.5.0P2-20.7 is installed
  • OR bind-utils-9.5.0P2-20.7 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND Package Information
  • bind-9.5.0P2-20.7.1 is installed
  • OR bind-chrootenv-9.5.0P2-20.7.1 is installed
  • OR bind-doc-9.5.0P2-20.7.1 is installed
  • OR bind-libs-9.5.0P2-20.7.1 is installed
  • OR bind-libs-32bit-9.5.0P2-20.7.1 is installed
  • OR bind-libs-x86-9.5.0P2-20.7.1 is installed
  • OR bind-utils-9.5.0P2-20.7.1 is installed
    • BACK