CVE-2010-3614
EPSS 6.8%
Description
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
How to fix CVE-2010-3614
To remediate CVE-2010-3614, upgrade the affected package to a fixed version below.
- Debian/bind9—upgrade to 1:9.7.2.dfsg.P3-1 or later
Is CVE-2010-3614 being exploited?
Moderate — EPSS is 6.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1:9.7.2.dfsg.P3-1