Lucene search
K

150 matches found

Exploit DB
Exploit DB
added 2015/08/01 12:0 a.m.187 views

ISC BIND 9 - TKEY (PoC)

/ PoC for BIND9 TKEY assert Dos CVE-2015-5477 Usage: tkill What it does: - First sends a "version" query to see if the server is up. - Regardless of the version response, it then sends the DoS packet. - Then it waits 5 seconds for a response. If the server crashes, there will be no response. Note...

7.8CVSS7.8AI score0.91284EPSS
Exploits12
OpenVAS
OpenVAS
added 2015/08/01 12:0 a.m.17 views

Fedora Update for bind FEDORA-2015-12335

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.91284EPSS
Exploits12References2
OSV
OSV
added 2015/07/31 10:46 p.m.12 views

MGASA-2015-0298 Updated bind package fixes security vulnerability

An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit CVE-2015-5477...

7.8CVSS6.2AI score0.91284EPSS
Exploits12References5
Mageia
Mageia
added 2015/07/31 10:46 p.m.42 views

Updated bind package fixes security vulnerability

An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit CVE-2015-5477...

7.8CVSS7.7AI score0.91284EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.33 views

SUSE SLES11 Security Update : bind (SUSE-SU-2015:1316-1)

bind was updated to fix one security issue. This security issue was fixed : - CVE-2015-5477: Remote DoS via TKEY queries bsc939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packe...

7.8CVSS7AI score0.91284EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.42 views

OracleVM 3.3 : bind (OVMSA-2015-0105)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2015-5477 - Fix CVE-2015-4620 - Resolves: 1215687 - DNS resolution failure in high load environment with SERVFAIL and 'out of memory/success' in the log - Fix CVE-2015-1349 - Enable RPZ-NSIP a...

7.8CVSS7AI score0.91284EPSS
Exploits12References5
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.17 views

SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:1304-1)

bind was updated to fix one security issue. This security issue was fixed : - CVE-2015-5477: Remote DoS via TKEY queries bsc939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packe...

7.8CVSS7AI score0.91284EPSS
Exploits12References4
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.23 views

Scientific Linux Security Update : bind on SL5.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.20 views

Oracle Linux 5 : bind (ELSA-2015-1514)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1514 advisory. - Fix CVE-2015-5477 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

7.8CVSS7AI score0.91284EPSS
Exploits12References2
OpenVAS
OpenVAS
added 2015/07/30 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-2693-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.91284EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.20 views

Oracle Linux 5 : bind97 (ELSA-2015-1515)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1515 advisory. - Fix CVE-2015-5477 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

7.8CVSS7AI score0.91284EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.27 views

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20150729)

A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named functioning as an authoritative DNS server or a DNS resolver exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2015-5477...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References2
OSV
OSV
added 2015/07/29 2:59 p.m.6 views

CVE-2015-5477

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via TKEY queries...

6.4AI score0.91284EPSS
Exploits12References43
NVD
NVD
added 2015/07/29 2:59 p.m.19 views

CVE-2015-5477

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via TKEY queries...

7.8CVSS8.3AI score0.91284EPSS
Exploits12References42
CVE
CVE
added 2015/07/29 2:0 p.m.306 views

CVE-2015-5477

CVE-2015-5477 affects ISC BIND 9.x prior to 9.9.7-P2 and 9.10.x prior to 9.10.2-P3. Root cause: improper handling of TKEY DNS resource records causes an assertion failure, forcing the named daemon to exit and potentially crash. Impact: remote denial of service via crafted TKEY queries. Remediatio...

7.8CVSS7.2AI score0.91284EPSS
Exploits12References42Affected Software1
Debian CVE
Debian CVE
added 2015/07/29 2:0 p.m.57 views

CVE-2015-5477

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via TKEY queries...

7.8CVSS7.2AI score0.91284EPSS
Exploits12
Cent OS
Cent OS
added 2015/07/29 2:4 a.m.72 views

bind, caching security update

CentOS Errata and Security Advisory CESA-2015:1514 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References7
Cent OS
Cent OS
added 2015/07/29 2:3 a.m.65 views

bind97 security update

CentOS Errata and Security Advisory CESA-2015:1515 Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References7
Cent OS
Cent OS
added 2015/07/29 1:43 a.m.72 views

bind security update

CentOS Errata and Security Advisory CESA-2015:1513 Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score,...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.40 views

CentOS 6 / 7 : bind (CESA-2015:1513)

"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.8CVSS6.9AI score0.91284EPSS
Exploits12References3
Rows per page
Query Builder