CVE-2003-0914

N/A Unknown

Published: December 15, 2003 Modified: April 16, 2026

Description

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt

Source: cve@mitre.org

http://secunia.com/advisories/10542

Source: cve@mitre.org

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-409

Source: cve@mitre.org

Patch Vendor Advisory

http://www.kb.cert.org/vuls/id/734644

Source: cve@mitre.org

Patch Third Party Advisory US Government Resource

http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2011

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt