CVE-2007-2925

Description

The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

Risk Information

Base Score

8.2

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS Score

Exploitation Probability

1.818

Associated Vulnerability

Vulnerability	OS Platform
Update bind 9.5.0a5 to latest version	Windows
Multiple Vulnerabilities are affected in BIND 9.4.0	Windows
Multiple Vulnerabilities are affected in BIND 9.5.0	Windows
Multiple Vulnerabilities are affected in BIND 9.4.1	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234