CVE-2003-0914 : ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Published 2003-12-15 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2003-0914

SUN » Sunos » Version: 5.7
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
Matching versions
SUN » Sunos » Version: 5.8
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 7.0 X86 Edition
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9.0 Sparc Edition
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 8.0 X86 Edition
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
Matching versions
SUN » Solaris » Version: 9.0 X86 Edition
cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 5.0
cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.4
cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.5
cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.6
cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.7
cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.6.2
cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.8
cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
Matching versions
Freebsd » Freebsd » Version: 4.9
cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.00
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
Matching versions
HP » Hp-ux » Version: 11.11
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
Matching versions
IBM » AIX » Version: 5.1l
cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*
Matching versions
SCO » Unixware » Version: 7.1.1
cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*
Matching versions
Netbsd » Netbsd » Version: 1.6
cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
Matching versions
Netbsd » Netbsd » Version: 1.6.1
cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*
Matching versions
Netbsd » Netbsd » Version: Current
cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.2.4
cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.2.5
cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.2.6
cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.0
cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.1
cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.2
cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.3
cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.2.3
cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.2.7
cpe:2.3:a:isc:bind:8.2.7:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.4
cpe:2.3:a:isc:bind:8.3.4:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.5
cpe:2.3:a:isc:bind:8.3.5:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.4.1
cpe:2.3:a:isc:bind:8.4.1:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.3.6
cpe:2.3:a:isc:bind:8.3.6:*:*:*:*:*:*:*
Matching versions
ISC » Bind » Version: 8.4
cpe:2.3:a:isc:bind:8.4:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1
cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0f
cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0g
cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a
cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1 Pk5 Bl19
cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a Pk1 Bl1
cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0f Pk6 Bl17
cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0f Pk7 Bl18
cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a Pk2 Bl2
cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0g Pk3 Bl17
cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1 Pk3 Bl17
cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1 Pk4 Bl18
cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a Pk3 Bl3
cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1 Pk6 Bl20
cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1b Pk1 Bl1
cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1b
cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1b Pk2 Bl22
cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a Pk4 Bl21
cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 5.1a Pk5 Bl23
cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0g Pk4 Bl22
cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*
Matching versions
Compaq » Tru64 » Version: 4.0f Pk8 Bl22
cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*
Matching versions
Nixu » Namesurfer » Version: Suite 3.0.1
cpe:2.3:a:nixu:namesurfer:suite_3.0.1:*:*:*:*:*:*:*
Matching versions
Nixu » Namesurfer » Version: Standard 3.0.1
cpe:2.3:a:nixu:namesurfer:standard_3.0.1:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2003-0914

Top countries where our scanners detected CVE-2003-0914

Top open port discovered on systems with this issue 53

IPs affected by CVE-2003-0914 60

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2003-0914!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2003-0914

EPSS FAQ

15.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2003-0914

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2003-0914

ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434
http://www.debian.org/security/2004/dsa-409

Patch;Vendor Advisory
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt
http://www.kb.cert.org/vuls/id/734644

Patch;Third Party Advisory;US Government Resource
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011
http://secunia.com/advisories/10542
http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt

Jump to

Vulnerability Details : CVE-2003-0914

Products affected by CVE-2003-0914

Threat overview for CVE-2003-0914

Exploit prediction scoring system (EPSS) score for CVE-2003-0914

CVSS scores for CVE-2003-0914

References for CVE-2003-0914