Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.25 views

ISC BIND DoS Vulnerability (CVE-2018-5734) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

7.5CVSS7.5AI score0.06236EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.19 views

ISC BIND Information Disclosure Vulnerability (CVE-2017-3142) - Linux

ISC BIND is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

5.3CVSS5.3AI score0.05356EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.28 views

ISC BIND DoS Vulnerability (CVE-2018-5734) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

7.5CVSS7.5AI score0.06236EPSS
Exploits0References1
Prion
Prion
added 2019/10/09 4:15 p.m.19 views

Design/Logic Flaw

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

5CVSS7.4AI score0.02539EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/10/09 2:17 p.m.20 views

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

7.5CVSS6.2AI score0.01946EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/04/30 12:0 a.m.43 views

ISC BIND DoS Vulnerability (CVE-2019-6468) - Linux

ISC BIND Supported Preview Edition is prone to a denial of service vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

7.5CVSS7.4AI score0.02539EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/04/24 12:0 a.m.22 views

CVE-2019-6468

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

7.5CVSS6.4AI score0.02539EPSS
Exploits0References1
OSV
OSV
added 2019/04/24 12:0 a.m.3 views

UBUNTU-CVE-2019-6468

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

7.5CVSS6.4AI score0.02539EPSS
Exploits0References2
OSV
OSV
added 2019/01/16 8:29 p.m.23 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

5.9CVSS6.6AI score
Exploits0References8
NVD
NVD
added 2019/01/16 8:29 p.m.20 views

CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

5.9CVSS5.5AI score0.1213EPSS
Exploits0References6
Cvelist
Cvelist
added 2019/01/16 8:0 p.m.26 views

CVE-2018-5734 A malformed request can trigger an assertion failure in badcache.c

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected...

7.5CVSS7.4AI score0.06236EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.51 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.4AI score0.05356EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.37 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

7.5CVSS6.9AI score0.18157EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.102 views

ISC BIND Security Bypass Vulnerability

A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request...

7.5CVSS5.8AI score0.18157EPSS
Exploits1References1
Rows per page
Query Builder