CVE-2015-5477
84Vexday Risk Score
Corrija agora. Ela exploração observada pelo VulnCheck e tem exploit funcional público.
ssvc Actepss 91%
da publicação à arma2 dias
Publicada no NVD29 de jul.
1ª PoC+2d
metasploit28 de jul.
VulnCheck+4d
probabilidade de exploração
91%top 1% das CVEs
exploração observada
simVulnCheck
16 exploit(s) público(s)
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 16
githubgithub.com/robertdavidgraham/cve-2015-5477★ 64githubgithub.com/elceef/tkeypoc★ 14githubgithub.com/ilanyu/cve-2015-5477★ 1githubgithub.com/knqyf263/cve-2015-5477★ 1githubgithub.com/hmlio/vaas-cve-2015-5477★ 1githubgithub.com/likekabin/ShareDoc_cve-2015-5477★ 0githubgithub.com/xycloops123/TKEY-remote-DoS-vulnerability-exploit★ 0cve_referencewww.exploit-db.com/exploits/37723/não verificadocve_referencewww.exploit-db.com/exploits/37721/não verificadocve_referencepacketstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/37723não verificadoexploitdbwww.exploit-db.com/exploits/37721não verificadovulncheckvulncheck.com/xdb/c7383d75ca4dnão verificadovulncheckvulncheck.com/xdb/015153ada07dnão verificadovulncheckvulncheck.com/xdb/55a2cb0838d4não verificadovulncheckvulncheck.com/xdb/6a3d6ac5fd3fnão verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Referências
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163006.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-August/163007.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-August/163015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.htmlhttp://marc.info/?l=bugtraq&m=144000632319155&w=2