25 matches found
EulerOS 2.0 SP10 : bind (EulerOS-SA-2025-2378)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
Linux Distros Unpatched Vulnerability : CVE-2025-40780
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port...
RHSA-2025:1678 Red Hat Security Advisory: bind9.16 security update
Bulletin has no description...
RHEL 8 : bind9.16 (RHSA-2024:5418)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5418 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...
RHEL 8 : bind9.16 (RHSA-2024:5390)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5390 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...
Important: bind9.16 security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Bind vulnerabilities (USN-6909-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-1 advisory. It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue...
PT-2024-15380 · Thales · Thales Safenet Sentinel Hasp Ldk
Name of the Vulnerable Software and Affected Versions: Thales SafeNet Sentinel HASP LDK versions prior to 9.16 Description: A flaw in the installer for Thales SafeNet Sentinel HASP LDK on Windows allows an attacker to escalate their privilege level via local access. Recommendations: For versions...
Thales SafeNet Security Vulnerability
Thales SafeNet is an enterprise authentication, data encryption, and key management solution from Thales USA. A security vulnerability exists in Thales SafeNet Sentinel HASP LDK prior to version 9.16, which stems from a flaw in the installer that allows an attacker to upgrade privileges via local...
Design/Logic Flaw
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...
CVE-2023-6516
To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...
CVE-2023-6516
To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...
AlmaLinux 8 : bind9.16 (ALSA-2023:5460)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5460 advisory. - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the...
SUSE CVE-2022-0396
BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...
CVE-2022-3094
Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...
CVE-2022-3094
Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...
Design/Logic Flaw
Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...
CVE-2022-3094
Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...
CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory
Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...
PT-2023-1302 · Isc +9 · Bind 9 +9
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.36 BIND 9 versions 9.18.0 through 9.18.10 BIND 9 versions 9.19.0 through 9.19.8 BIND 9 versions 9.16.8-S1 through 9.16.36-S1 Description: The issue is related to the allocation of large amounts of memory by...