274 matches found
Design/Logic Flaw
The DNSSEC validation library libval library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks...
Fedora 7 : dnssec-tools-1.3.2-1.fc7 (2008-1758)
1.3.2 release which contains a small set of fixes over the 1.3 release. The biggest of these fixes is a patch to the libval DNSSEC validation library to ensure that the signature that validates it is a signature of the trust anchor itself. Note that Tenable Network Security has extracted the...
Fedora 8 : dnssec-tools-1.3.2-1.fc8 (2008-1771)
1.3.2 release which contains a small set of fixes over the 1.3 release. The biggest of these fixes is a patch to the libval DNSSEC validation library to ensure that the signature that validates it is a signature of the trust anchor itself. Note that Tenable Network Security has extracted the...
RHEL 5 : bind (RHSA-2007:0057)
Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name Syste...
Moderate: Red Hat Security Advisory: bind security update
Updated bind packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name Syste...
GLSA-200702-06 : BIND: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200702-06 BIND: Denial of Service An unspecified improper usage of an already freed context has been reported. Additionally, an assertion error could be triggered in the DNSSEC validation of some responses to type ANY queries with...
CentOS 3 / 4 : bind (CESA-2007:0044)
Updated bind packages that fix a security issue and a bug are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. A flaw was found i...
Input validation
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...
CVE-2007-0494
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...
CVE-2007-0494
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...
CVE-2007-0494
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...
CVE-2007-0494
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...
[SA14008] BIND Validator Denial of Service Vulnerability
TITLE: BIND Validator Denial of Service Vulnerability SECUNIA ADVISORY ID: SA14008 VERIFY ADVISORY: http://secunia.com/advisories/14008/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: ISC BIND 9.3.x http://secunia.com/product/4298/ DESCRIPTION: A vulnerability has been...
BIND 9.3.0 vulnerable to denial of service in validator code
Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. BIND supports the DNS...