What is CVE-2003-0914?

CVE-2003-0914 is a vulnerability in Compaq Tru64. Published 2003-12-15.

Is CVE-2003-0914 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Compaq Tru64

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

EPSS: 0.032 (86.3th percentile) — read the EPSS interpretation.

Affected products

Compaq Tru64 — versions 4.0f, 4.0f_pk6_bl17, 4.0f_pk7_bl18
Freebsd — versions 4.4, 4.5, 4.6
Hp Hp-ux — versions 11.00, 11.11
Ibm Aix — versions 5.1l
Isc Bind — versions 8.2.3, 8.2.4, 8.2.5
Netbsd — versions 1.6, 1.6.1, current
Nixu Namesurfer — versions standard_3.0.1, suite_3.0.1
Sco Unixware — versions 7.1.1
Sun Solaris — versions 7.0, 8.0, 9.0
Sun Sunos — versions 5.7, 5.8

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
cve@mitre.org (vendor-advisory, x_refsource_TRUSTIX)
cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
cve@mitre.org (vendor-advisory, Patch, x_refsource_DEBIAN, Vendor Advisory)
cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2003-0914?: CVE-2003-0914 is a vulnerability in Compaq Tru64. Published 2003-12-15.
Is CVE-2003-0914 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.