86 matches found
ISC BIND 9.20.0 < 9.20.11 / 9.20.9-S1 < 9.20.11-S1 / 9.21.0 < 9.21.10 Assertion Failure (cve-2025-40777)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40777 advisory. - If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer- client-timeout set to 0 the...
EUVD-2018-17506
Malware in sbrugna...
EUVD-2023-34357
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-40777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer- client-timeout set to 0 the only allowable value other than...
Linux Distros Unpatched Vulnerability : CVE-2023-5679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are...
SUSE CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
DEBIAN-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
AZL-65553 CVE-2025-40777 affecting package bind for versions less than 9.20.15-1
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
ALPINE-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
UBUNTU-CVE-2025-40777
If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...
CLSA-2025-1739386415 bind: Fix of 3 CVEs
CVE-2023-5517: fix a flaw causing named to crash with an assertion failure when nxdomain-redirect is set, and a PTR query for an RFC 1918 address returns NXDOMAIN - CVE-2023-5679: fix a crash in named due to an assertion failure during recursive resolution when both DNS64 and serve-stale are...
Fedora 39 : bind / bind-dyndb-ldap (2024-ef8a7031e7)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-ef8a7031e7 advisory. Update to BIND 9.18.28 Security Fixes - A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to...
CBL Mariner 2.0 Security Update: bind (CVE-2023-5679)
The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5679 advisory. - A bad interaction between DNS64 and serve-stale May cause named to crash with an assertion failure during...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND
Summary UPDATED: Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1795)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : bind (EulerOS-SA-2024-1795)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods,...
The vulnerability of the BIND DNS server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.
The vulnerability of the BIND DNS server is related to the insufficient use of the assert function. Exploiting this vulnerability allows a malicious actor to cause a service failure through the named parameter during DNS64 and serve-stale interactions...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1736)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1736)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect domain; is configured, and - t...