6 matches found
USN-5992-1 ldb vulnerability
Demi Marie Obenour discovered that ldb, when used with Samba, incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information...
SUSE SLES11 Security Update : bind (SUSE-SU-2021:14632-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14632-1 advisory. - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND'...
ISC BIND GSS-TSIG SPNEGO Buffer Overflow (CVE-2021-25216)
According to its self-reported version, the ISC Bind present on the remote host is affected by a buffer overflow vulnerability: - GSS-TSIG is an extension to the TSIG protocol which is intended to support the secure exchange of keys for use in verifying the authenticity of communications between...
UBUNTU-CVE-2021-25216
In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version an...
Vulnerability fixed in BIND
A vulnerability has been fixed in ISC BIND. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause. This vulnerability can only be exploited when BIND is configured to make use of GSS-TSIG. This is not the default configuration. In environments where BIND...
DEBIAN-CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...