Lucene search

BIND Security Vulnerabilities

cve

CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query.....

7.6AI Score

0.009EPSS

2010-01-22 10:00 PM

140

cve

CVE-2009-4022

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive.....

6.7AI Score

0.013EPSS

2009-11-25 04:30 PM

203

cve

CVE-2009-0696

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite...

4.6AI Score

0.965EPSS

2009-07-29 05:30 PM

234

cve

CVE-2009-0265

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and...

7.5CVSS

6.5AI Score

0.004EPSS

2009-01-26 03:30 PM

130

cve

CVE-2009-0025

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to...

6.6AI Score

0.019EPSS

2009-01-07 05:30 PM

193

cve

CVE-2008-4163

Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown...

6.8AI Score

0.029EPSS

2008-09-22 06:52 PM

205

cve

CVE-1999-1499

named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is...

7.1AI Score

0.0004EPSS

1998-04-10 04:00 AM

cve

CVE-1999-0009

Inverse query buffer overflow in BIND 4.9 and BIND 8...

7.3AI Score

0.09EPSS

1998-04-08 04:00 AM

cve

CVE-1999-0011

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone...

7AI Score

0.012EPSS

1998-04-08 04:00 AM

cve

CVE-1999-0010

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS...

6.8AI Score

0.003EPSS

1998-04-08 04:00 AM

cve

CVE-1999-0024

DNS cache poisoning via BIND, by predictable query...

6.7AI Score

0.007EPSS

1997-08-13 04:00 AM

307

cve

CVE-1999-0184

When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS...

6.8AI Score

0.007EPSS

1997-07-01 04:00 AM

Total number of security vulnerabilities112