1440 matches found
CVE-2014-3859
libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a crafted packet, as demonstrated by an attack against named, dig, or delv...
ISC BIND 9 EDNS Processing DoS
According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability. The issue exists due to an error in 'libdns' that fails to properly handle Extension Mechanisms for DNS EDNS options. Note that Nessus has not tested for this issue but...
ISC BIND 9.10.0 / 9.10.0-P1 named Assertion Failure DoS
Binary data 8313.prm...
ISC BIND 9.10.0 Recursive Nameserver DoS
Binary data 8247.prm...
CVE-2014-3214
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...
CVE-2014-3214
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...
CVE-2014-3214
CVE-2014-3214 affects ISC BIND prefetch in the server when a recursive nameserver is enabled (ISC BIND 9.10.0). A crafted DNS response can trigger an assertion failure and daemon exit, causing a denial of service. The NVD reports base metrics: CVSS v2 base score 5.0 (Medium) with network access a...
CVE-2014-3214
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...
SOL15250 - BIND vulnerability CVE-2014-3214
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes. CVE-2014-3214...
ISC BIND NSEC3-Signed Zones Queries Processing Denial of Service (CVE-2014-0591)
A denial of service vulnerability exists in ISC BIND. The vulnerability is due to a failure to handle queries for NSEC3-signed zones. A remote attacker may exploit this vulnerability by sending a specially crafted query...
Mandriva Linux Security Advisory : bind (MDVSA-2014:002)
A vulnerability has been discovered and corrected in ISC BIND : The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion...
ISC BIND NSEC3签名域查询处理拒绝服务漏洞
BUGTRAQ ID: 64801 CVECAN ID: CVE-2014-0591 BIND是一个应用非常广泛的DNS协议的实现。 ISC BIND处理对NSEC3签名域的请求时出现错误,这可使恶意用户利用特制的查询,造成INSIST失败类崩溃。成功利用需要主域名服务器至少服务一个NSEC3签名的域。 0 ISC BIND 9.9.x ISC BIND 9.6.x 厂商补丁: ISC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.isc.org/downloads...
CVE-2014-0591
The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...
CVE-2014-0591
The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...
Design/Logic Flaw
The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...
CVE-2014-0591
The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...
CVE-2014-0591
CVE-2014-0591 affects ISC BIND 9.6, 9.7, 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2 (and 9.6-ESV before 9.6-ESV-R10-P2) where the query_findclosestnsec3 function in query.c can be triggered by crafted DNS queries to an authoritative server using NSEC3 signing. The result is a denial of service m...
CVE-2014-0591
The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...
ISC BIND 9 NSEC3-Signed Zone Handling DoS
According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability. This issue exists due to the handling of queries for NSEC3-signed zones related to the memcpy function in the 'name.c' file on authoritative nameservers. Note that Ness...
ISC bind DoS
Crash on parsing malformed request to NSEC3-signed zone...