6 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Bind vulnerabilities (USN-8124-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8124-1 advisory. Samy Medjahed discovered that Bind incorrectly handled insecure delegation validation. A remote attacker could possibly use this issu...
CVE-2026-3591
creationtimestamp| type| source ---|---|--- 2026-03-25 15:56:25+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mhvhbpmobd2v 2026-03-25 18:23:28+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/isc-bind-security-advisory-av26-280 2026-03-25 20:03:03+00:00| seen|...
CVE-2026-3591 A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass
A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...
CVE-2026-3591
A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...
ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Vulnerability (cve-2026-3591)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3591 advisory. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a...
Linux Distros Unpatched Vulnerability : CVE-2026-3591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may b...