VulnCheck KEV: CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

MGASA-2016-0332 Updated bind packages fix security vulnerability

The lwresd component in BIND which is not enabled by default could crash while processing an overlong request name. This could lead to a denial of service CVE-2016-2775. A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles authoritative,...

MariaDB 10.1.x < 10.1.7 Multiple Vulnerabilities

The version of MariaDB running on the remote host is 10.1.x prior to 10.1.7. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists in the baselistiterator::nextfast function within file sql/sqlparse.cc when handling multi-table updates. An...

Design/Logic Flaw

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

ALPINE-CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

DEBIAN-CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

Debian DSA-3680-1 : bind9 - security update

Two vulnerabilities were reported in BIND, a DNS server. - CVE-2016-2775 The lwresd component in BIND which is not enabled by default could crash while processing an overlong request name. This could lead to a denial of service. - CVE-2016-2776 A crafted query could crash the BIND name server...

ISC BIND Denial of Service Vulnerability

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if description...

UBUNTU-CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

DEBIAN-CVE-2016-5427

PowerDNS aka pdns Authoritative Server before 3.4.10 does not properly handle a . dot inside labels, which allows remote attackers to cause a denial of service backend CPU consumption via a crafted DNS query...

The vulnerability of the Solar-Log WEB monitoring system allows a malicious individual to execute arbitrary SQL commands.

Vulnerability allows remote attackers to execute arbitrary SQL commands using a specially crafted query...

Cisco Configuration Assistant Cloud Network Automation Provisioner Information Disclosure Vulnerability

Cisco Configuration Assistant CCA is a suite of solutions from Cisco that simplifies the configuration, deployment, and management of Cisco intelligent business communications systems.Cisco Cloud Network Automation Provisioner CNAP is one of the cloud network Automation Provisioning Software. An...

CVE-2015-7695

The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query...

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

ISC BIND 9 Multiple DoS

According to its self-reported version number, the instance of ISC BIND running on the remote name server is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in files resolver.c and db.c when handling DNAME resource signatures. An unauthenticated...

bind: malformed signature records for DNAME records can trigger assertion failure

A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...

CVE-2016-2559

Cross-site scripting XSS vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query...