K14600: BIND vulnerability CVE-2013-3919

Security Advisory Description When resolver.c is configured in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, or 9.6-ESV-R9 before 9.6-ESV-R9-P1, remote attackers may cause a denial-of-service DoS when querying for a record in a malformed zone. CVE-2013-3919 Impact Remote attackers can...

ISC BIND DoS Vulnerability (CVE-2012-1667) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

ISC BIND RTYPE ANY Query Denial of Service Vulnerability - Linux

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

SUSE SLES10 Security Update : bind (SUSE-SU-2015:0488-1)

This bind update to version 9.6-ESV-R11-W1 fixes the following security issue : - A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow default 7, and the number of...

CVE-2013-6230

The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIOGETINTERFACELIST command for netmask 255.255.255.255, which allows remot...

Command injection

The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIOGETINTERFACELIST command for netmask 255.255.255.255, which allows remot...

CVE-2013-6230

CVE-2013-6230 concerns ISC BIND and Windows Winsock: the WSAIoctl SIO_GET_INTERFACE_LIST path misinterprets the netmask 255.255.255.255, allowing remote bypass of IP address restrictions. Public details show affected BIND lines include 9.6-ESV to 9.9.x series; Windows Server 2008 usage is cited. ...

SuSE 10 Security Update : bind (ZYPP Patch Number 8298)

The bind nameserver was updated to version 9.6-ESV-R7-P3 to fix a single security problem, where loading a zone file could have caused an assertion abort of the named service. CVE-2012-4244 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Mandriva Linux Security Advisory : bind (MDVSA-2011:104)

A vulnerability has been identified and fixed in ISC BIND : Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via...

ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities

According to its self-reported version number, the remote installation of BIND is affected by multiple vulnerabilities : - Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named. CVE-2010-3613 - Named, when acting as a DNSSEC...