Lucene search
K

274 matches found

RedHat Linux
RedHat Linux
added 2017/05/08 7:36 a.m.5 views

bind: assertion failure in DNSSEC validation

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS6.9AI score0.0163EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2015-0272)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.37872EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/10/07 12:0 a.m.25 views

ISC BIND Denial of Service Vulnerability (Oct 2015)

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

7.8CVSS8.3AI score0.37872EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/19 12:0 a.m.36 views

F5 BIG-IP - BIND vulnerability CVE-2010-3762

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

4.3CVSS5.2AI score0.08086EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.27 views

Amazon Linux: Security Advisory (ALAS-2015-566)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.37872EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/03 12:0 a.m.33 views

Ubuntu 14.04 LTS : Bind vulnerability (USN-2728-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2728-1 advisory. Hanno Bck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue wit...

7.8CVSS6.8AI score0.33652EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/09/02 7:57 p.m.72 views

USN-2728-1: Bind vulnerability

Hanno Böck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service...

7.8CVSS6.8AI score0.33652EPSS
Exploits0
OSV
OSV
added 2015/09/02 12:7 p.m.6 views

SUSE-SU-2015:1480-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service crash attack against bind nameservers doing validation on DNSSEC signed records. CVE-2015-5722, bsc944066...

7.8CVSS6.3AI score0.33652EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2015/07/29 9:9 a.m.30 views

Critical Remotely Exploitable Bug Haunts BIND

The maintainers of BIND have patched a critical remotely exploitable vulnerability in the DNS software that can be used in a denial-of-service attack. The vulnerability affects all versions of BIND from 9.1.0 through 9.9.7. The vulnerability is in the way that BIND handles certain queries related...

7.8CVSS1AI score0.91284EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.48 views

F5 Networks BIG-IP : BIND vulnerability (SOL16912)

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

7.8CVSS7.4AI score0.37872EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.44 views

Amazon Linux AMI : bind (ALAS-2015-566)

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. C Tenable Network Security, In...

7.8CVSS7.2AI score0.37872EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/07/22 9:54 a.m.3 views

bind: abort DoS caused by uninitialized value use in isselfsigned()

A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure...

7.8CVSS7.1AI score0.37872EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/07/22 9:54 a.m.37 views

Important: Red Hat Security Advisory: bind security update

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

7.8CVSS7AI score0.37872EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/07/21 12:0 a.m.23 views

CentOS Update for bind CESA-2015:1443 centos7

Check the version of bind SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882227";...

7.8CVSS7.6AI score0.37872EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/07/20 4:19 p.m.33 views

Important: Red Hat Security Advisory: bind security update

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...

7.8CVSS7AI score0.37872EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.31 views

ISC BIND 9.7.x < 9.9.7-P1 / 9.10.x < 9.10.2-P2 Resolver DNSSEC Validation DoS

According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability, when configured as a recursive resolver with DNSSEC validation, due to an error that occurs during the validation of specially crafted zone data returned in...

7.8CVSS7.4AI score0.37872EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/07/13 12:0 a.m.50 views

ISC bind named DoS

Crash on DNSSEC validation...

7.8CVSS1.3AI score0.37872EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2015/07/09 8:9 a.m.4 views

MGASA-2015-0272 Updated bind package fixes security vulnerability

A recursive resolver that is performing DNSSEC validation can be deliberately terminated by any attacker who can cause a query to be performed against a maliciously constructed zone. This will result in a denial of service to clients who rely on that resolver CVE-2015-4620. Note that DNSSEC...

7.8CVSS6AI score0.37872EPSS
Exploits0References5
NVD
NVD
added 2015/07/08 2:59 p.m.17 views

CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

7.8CVSS7.4AI score0.37872EPSS
Exploits0References21
OSV
OSV
added 2015/07/08 2:59 p.m.1 views

DEBIAN-CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

7.8CVSS6.8AI score0.37872EPSS
Exploits0References1
Rows per page
Query Builder