K14386: BIND vulnerability CVE-2013-2266

Security Advisory Description libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service memory consumption via a crafted regular expression, as demonstrated by a...

K16576941: ISC BIND vulnerability CVE-2018-5737

Security Advisory Description A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching...

K82069123: ISC BIND vulnerability CVE-2018-5736

Security Advisory Description An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is...

K10898: DNSSEC BIND vulnerability - CVE-2009-4022

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

K15748: BIND vulnerability CVE-2010-0290

Security Advisory Description Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by...

K01471335: BIND vulnerability CVE-2016-2848

Security Advisory Description ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record. CVE-2016-2848 Impact A remote attacker may be able to cause a...

K59692558: BIND vulnerability CVE-2016-2088

Security Advisory Description resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a malformed packet with more than one cookie option. CVE-2016-2088 Impact There is...

K46264120: BIND vulnerability CVE-2016-1285

Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface, related to alist.c and sexpr.c. CVE-2016-1285...

K34250741: BIND vulnerability CVE-2015-8000

Security Advisory Description db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute. CVE-2015-8000 Impact An attack may cause a denial-of-service DoS ...

K15133: BIND vulnerability CVE-2014-0591

Security Advisory Description The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafte...

SUSE CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL time-to-live value...

SUSE CVE-2007-0493

Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service named daemon crash via unspecified vectors that cause named to "dereference a freed fetch context."...

SUSE CVE-2011-4313

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...

SUSE CVE-2012-3868

Race condition in the nsclient structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service memory consumption or process exit via a large volume of TCP queries...

SUSE CVE-2016-1286

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...

SUSE CVE-2016-9147

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a response containing an inconsistency among the DNSSEC-related RRsets...

ISC BIND 9.16.12 < 9.16.37 / 9.16.12-S1 < 9.16.37-S1 / 9.18.0 < 9.18.11 / 9.19.0 < 9.19.9 Assertion Failure (cve-2022-3924)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3924 advisory. - This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option...

ISC BIND 9.11.4-S1 < 9.16.37-S1 / 9.16.8-S1 < 9.16.37-S1 Assertion Failure (cve-2022-3488)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3488 advisory. - Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is...

ISC BIND 9.16.0 < 9.16.37 / 9.16.8-S1 < 9.16.37-S1 / 9.18.0 < 9.18.11 / 9.19.0 < 9.19.9 Vulnerability (cve-2022-3094)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3094 advisory. - Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named ...

ISC BIND DoS Vulnerability (CVE-2022-3094) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...