14 matches found
ISC BIND DoS Vulnerability (CVE-2018-5734) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
ISC BIND Information Disclosure Vulnerability (CVE-2017-3142) - Linux
ISC BIND is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...
ISC BIND DoS Vulnerability (CVE-2018-5734) - Windows
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Design/Logic Flaw
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...
CVE-2019-6469
An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...
ISC BIND DoS Vulnerability (CVE-2019-6468) - Linux
ISC BIND Supported Preview Edition is prone to a denial of service vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...
CVE-2019-6468
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...
UBUNTU-CVE-2019-6468
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...
CVE-2017-3143
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...
CVE-2017-3140
If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...
CVE-2018-5734 A malformed request can trigger an assertion failure in badcache.c
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected...
CVE-2017-3142
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...
CVE-2017-3143
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...
ISC BIND Security Bypass Vulnerability
A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request...