CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

CVE-2017-3135

ISC BIND 9 DNS64 and RPZ combined can crash the server. CVE-2017-3135 causes an assertion failure or NULL pointer dereference when query responses are rewritten with both DNS64 and RPZ enabled, leading to a denial of service. Affected versions include BIND 9.8.8 and 9.9.3–9.9.9 (S1–S7/P5), 9.9.10...

Red Hat 389 Directory Server Denial of Service (CVE-2018-10935)

A denial of service vulnerability exists in Nagios XI in the Lightweight Directory Access Protocol LDAP service. The vulnerability is due to improper processing of LDAP search queries. Successful exploitation of the vulnerability could cause the process to abnormally terminate...

ISC BIND RPZ Query Processing Denial of Service (CVE-2017-3140)

A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause the named service to enter an infinite loop while processing a query and running a specific configuration. A remote, unauthenticated attacker could exploit this vulnerability by...

High Severity BIND Vulnerability Can Lead to A Crash

The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ function simultaneously. DNS64 is a mechanism for...

Mandrake Linux Security Advisory : bind (MDKSA-2001:017)

Four problems exists in all versions of ISC BIND 4.9.x prior to 4.9.8 and 8.2.x prior to 8.2.3 9.x is not affected. Version 8.2.x contains a buffer overflow in transaction signature TSIG handling code that can be exploited by an attacker to gain unauthorized privileged access to the system,...

Ubuntu Update for linux-ti-omap4 USN-1364-1

Ubuntu Update for Linux kernel vulnerabilities USN-1364-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13641.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-ti-omap4 USN-1364-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.n...

USN-1386-1: Linux kernel (Natty backport) vulnerabilities

The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. CVE-2011-2498 A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged...

USN-1364-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 A flaw was...

DEBIAN-CVE-2012-1033

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...

NTP Vulnerability - Cisco Systems

Network Time Protocol NTP is used to synchronize time on multiple devices. A vulnerability has been discovered in the NTP daemon query processing functionality. This vulnerability has been publicly announced. Other Cisco software applications may run on Solaris platforms and where those products...

Debian: Security Advisory (DSA-1172-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2006-7211

fblockmgr in Firebird 1.5 uses weak permissions 0666 for the semaphore array, which allows local users to cause a denial of service blocked query processing by locking semaphores...

CVE-2006-7211

fblockmgr in Firebird 1.5 uses weak permissions 0666 for the semaphore array, which allows local users to cause a denial of service blocked query processing by locking semaphores...

[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...

Security Update for SQL Server 2017 (KB4293803)

Executing a specially crafted query involving calculating difference between values of different date types and aggregation of the results, could lead to stack corruption, if the query runs in batch mode. Depending on particular values processed by such query, this could lead to terminating the S...