Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2022/10/09 12:0 a.m.24 views

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2022-2486)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview...

5.3CVSS6.3AI score0.08001EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/09/22 12:0 a.m.21 views

ISC BIND DoS Vulnerability (CVE-2022-2795) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5.3CVSS6.7AI score0.01495EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/08/10 12:0 a.m.38 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2022:2713-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2713-1 advisory. - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver...

6.8CVSS6.7AI score0.08001EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2013-0237)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.3AI score0.3415EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/11/24 12:0 a.m.32 views

openSUSE 15 Security Update : bind (openSUSE-SU-2021:3773-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3773-1 advisory. - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as wel...

5.3CVSS6.3AI score0.08001EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.34 views

Ubuntu 16.04 ESM : Bind vulnerability (USN-5126-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5126-2 advisory. USN-5126-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

5.3CVSS6.3AI score0.08001EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.22 views

ISC BIND DoS Vulnerability (CVE-2021-25219)

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5.3CVSS5.8AI score0.08001EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.19 views

ISC BIND Information Disclosure Vulnerability (CVE-2017-3142) - Linux

ISC BIND is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

5.3CVSS5.3AI score0.05356EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/04/30 12:0 a.m.23 views

ISC BIND DoS Vulnerability (CVE-2021-25214) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

6.5CVSS7.1AI score0.0594EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/04/30 12:0 a.m.23 views

ISC BIND DoS Vulnerability (CVE-2021-25215) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

7.5CVSS7.1AI score0.11296EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/10/09 2:17 p.m.28 views

CVE-2019-6465

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones DLZs if the zones are writable Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 o...

5.3CVSS6.3AI score0.037EPSS
Exploits0
OSV
OSV
added 2019/01/16 8:29 p.m.23 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

5.9CVSS6.6AI score
Exploits0References8
Cvelist
Cvelist
added 2019/01/16 8:0 p.m.59 views

CVE-2017-3143 An error in TSIG authentication can permit unauthorized dynamic updates

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

7.5CVSS6.7AI score0.18157EPSS
Exploits1References8
Cvelist
Cvelist
added 2019/01/16 8:0 p.m.25 views

CVE-2017-3135 Combination of DNS64 and RPZ Can Lead to Crash

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

7.5CVSS6.4AI score0.17108EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.51 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.4AI score0.05356EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.37 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

7.5CVSS6.9AI score0.18157EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/07/11 12:0 a.m.102 views

ISC BIND Security Bypass Vulnerability

A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request...

7.5CVSS5.8AI score0.18157EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/05/23 12:0 a.m.27 views

ISC BIND DNS64 Denial of Service Vulnerability - Linux

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

5.9CVSS6.6AI score0.11093EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2017/02/09 1:13 p.m.28 views

High Severity BIND Vulnerability Can Lead to A Crash

The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ function simultaneously. DNS64 is a mechanism for...

0.2AI score0.17108EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/29 12:0 a.m.28 views

Mandriva Linux Security Advisory : bind (MDVSA-2013:202)

A vulnerability has been discovered and corrected in bind : The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of...

7.8CVSS6.3AI score0.3415EPSS
Exploits1References2
Rows per page
Query Builder