unbound: amplification of an incoming query into a large number of queries directed to a target

A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive...

CVE-2020-5591

XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver's performance or compromising the recursive resolver as a reflector in a...

CVE-2020-12662

A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as a recursive...

DNS Flag Day & Akamai

Written by Jon Reed & Barry Greene DNS Flag Day is an industry event that promotes the adoption of the most up-to-date DNS features and ensures that non-standards-compliant servers don't negatively impact the global performance of the Internet. The 2019 DNS Flag Day will remove a number of...

Denial Of Service

BIND is susceptible to denial of service. The vulnerability is possible because it does not properly handle resource records with a large RDATA value, allowing the attacker to create malicious DNS resource records causing recursive resolver or secondary server to exit unexpectedly with an asserti...

adns -- multiple vulnerabilities

Ian Jackson and the adns project reports: Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS cras...

Mageia: Security Advisory (MGASA-2015-0272)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ISC BIND 'isselfsigned()' Denial of Service Vulnerability

BIND is a very widely used implementation of the DNS protocol. ISC BIND name.c is configured as a DNSSEC-verifiable recursive resolver, allowing remote attackers to construct domain data, query the domain name, and submit special requests that can crash the backend program...

DEBIAN-CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

UBUNTU-CVE-2015-4620

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...

bind: denial of service

A very uncommon combination of zone data has been found that triggers a bug in BIND, with the result that named will exit with a "REQUIRE" failure in name.c when validating the data returned in answer to a recursive query. This means that a recursive resolver that is performing DNSSEC validation...

ISC BIND Recursive Resolver Resource Consumption Denial of Service (CVE-2014-8500)

A denial of service vulnerability exists in ISC BIND. The vulnerability is due to a design weakness in the way BIND follows DNS delegations. A remote attacker can exploit these vulnerabilities by sending a request to a recursive resolver forcing the resolver to issue a large number possibly...

FreeBSD : bind -- denial of service vulnerability (ab3e98d9-8175-11e4-907d-d050992ecde8)

ISC reports : We have today posted updated versions of 9.9.6 and 9.10.1 to address a significant security vulnerability in DNS resolution. The flaw was discovered by Florian Maury of ANSSI, and applies to any recursive resolver that does not support a limit on the number of recursions...

Fedora 19 : maradns-2.0.09-1.fc19 (2014-2439)

There has been a long-standing bug in Deadwood ever since 2007 where bounds checking for strings was not correctly done under some circumstances. Because of this, it has been possible to send Deadwood a 'packet of death' which will crash Deadwood. Since the attack causes out-of-bounds memory to b...

Amazon Linux AMI : bind (ALAS-2012-84)

A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory...

Important: bind

Issue Overview: A flaw was found in the way BIND handled certain combinations of resource records. A remote attacker could use this flaw to cause a recursive resolver, or an authoritative server in certain configurations, to lockup. CVE-2012-5166 Affected Packages: bind Issue Correction: Run yum...

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20121012)

A flaw was found in the way BIND handled certain combinations of resource records. A remote attacker could use this flaw to cause a recursive resolver, or an authoritative server in certain configurations, to lockup. CVE-2012-5166 After installing the update, the BIND daemon named will be restart...

Important: bind

Issue Overview: A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an...

RedHat Update for bind RHSA-2012:1267-01

Check for the Version of bind OpenVAS Vulnerability Test RedHat Update for bind RHSA-2012:1267-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...