CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Published: 2003-12-15 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2003-0914 is rated Moderate Risk (54.1/100): CVSS Medium severity, with high exploitation likelihood (EPSS 29.90%, 97th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +3.15% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2003-0914

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-03-02 26.75% 29.90% +3.15%
2 2025-08-06 19.85% 26.75% +6.91%
3 2025-06-20 19.85%

Full EPSS history (13 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2003-0914

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:N)
No availability impact.
 8.6 2.9 [email protected]

Weakness enumeration for CVE-2003-0914

Affected software / configurations for CVE-2003-0914

Vendor Product Version Raw CPE
isc bind 8.2.3 cpe:2.3:a:isc:bind:8.2.3:*:*:*:*:*:*:*
isc bind 8.2.4 cpe:2.3:a:isc:bind:8.2.4:*:*:*:*:*:*:*
isc bind 8.2.5 cpe:2.3:a:isc:bind:8.2.5:*:*:*:*:*:*:*
isc bind 8.2.6 cpe:2.3:a:isc:bind:8.2.6:*:*:*:*:*:*:*
isc bind 8.2.7 cpe:2.3:a:isc:bind:8.2.7:*:*:*:*:*:*:*
isc bind 8.3.0 cpe:2.3:a:isc:bind:8.3.0:*:*:*:*:*:*:*
isc bind 8.3.1 cpe:2.3:a:isc:bind:8.3.1:*:*:*:*:*:*:*
isc bind 8.3.2 cpe:2.3:a:isc:bind:8.3.2:*:*:*:*:*:*:*
isc bind 8.3.3 cpe:2.3:a:isc:bind:8.3.3:*:*:*:*:*:*:*
isc bind 8.3.4 cpe:2.3:a:isc:bind:8.3.4:*:*:*:*:*:*:*
isc bind 8.3.5 cpe:2.3:a:isc:bind:8.3.5:*:*:*:*:*:*:*
isc bind 8.3.6 cpe:2.3:a:isc:bind:8.3.6:*:*:*:*:*:*:*
isc bind 8.4 cpe:2.3:a:isc:bind:8.4:*:*:*:*:*:*:*
isc bind 8.4.1 cpe:2.3:a:isc:bind:8.4.1:*:*:*:*:*:*:*
nixu namesurfer standard_3.0.1 cpe:2.3:a:nixu:namesurfer:standard_3.0.1:*:*:*:*:*:*:*
nixu namesurfer suite_3.0.1 cpe:2.3:a:nixu:namesurfer:suite_3.0.1:*:*:*:*:*:*:*
compaq tru64 4.0f cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
compaq tru64 4.0f_pk6_bl17 cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*
compaq tru64 4.0f_pk7_bl18 cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*
compaq tru64 4.0f_pk8_bl22 cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*
compaq tru64 4.0g cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
compaq tru64 4.0g_pk3_bl17 cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*
compaq tru64 4.0g_pk4_bl22 cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*
compaq tru64 5.1 cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
compaq tru64 5.1_pk3_bl17 cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*
compaq tru64 5.1_pk4_bl18 cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*
compaq tru64 5.1_pk5_bl19 cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*
compaq tru64 5.1_pk6_bl20 cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*
compaq tru64 5.1a cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
compaq tru64 5.1a_pk1_bl1 cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*
compaq tru64 5.1a_pk2_bl2 cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*
compaq tru64 5.1a_pk3_bl3 cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*
compaq tru64 5.1a_pk4_bl21 cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*
compaq tru64 5.1a_pk5_bl23 cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*
compaq tru64 5.1b cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*
compaq tru64 5.1b_pk1_bl1 cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*
compaq tru64 5.1b_pk2_bl22 cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*
freebsd freebsd 4.4 cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*
freebsd freebsd 4.5 cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*
freebsd freebsd 4.6 cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
freebsd freebsd 4.6.2 cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*
freebsd freebsd 4.7 cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
freebsd freebsd 4.8 cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
freebsd freebsd 4.9 cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
freebsd freebsd 5.0 cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
hp hp-ux 11.00 cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
hp hp-ux 11.11 cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
ibm aix 5.1l cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*
netbsd netbsd 1.6 cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*
netbsd netbsd 1.6.1 cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*
netbsd netbsd current cpe:2.3:o:netbsd:netbsd:current:*:*:*:*:*:*:*
sco unixware 7.1.1 cpe:2.3:o:sco:unixware:7.1.1:*:*:*:*:*:*:*
sun solaris 7.0 cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
sun solaris 8.0 cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
sun solaris 9.0 cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
sun solaris 9.0 cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
sun sunos 5.7 cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
sun sunos 5.8 cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

References for CVE-2003-0914

cvelogic Threat Intelligence