28 matches found
CVE-2026-12725
A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and query logging are both enabled, logging of DS or DNSKEY replies containing unsupported algorithm or digest types can cause dnsmasq to write past the end of an internal logging buffer. A remote attacker able to supply su...
CVE-2026-45557 Technitium DNS Server excessive DNSSEC requests
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
EUVD-2026-30938
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
PT-2026-41937
Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. Fixed in 15.0...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open-source authoritative and recursive DNS server developed by the Technitium team. It can be used as a self-hosted DNS server to protect privacy and security. Versions of Technitium DNS Server prior to version 15.0 contained security vulnerabilities. These...
CVE-1999-0835
Denial of service in BIND named via malformed SIG records...
RHEL 4 : bind (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bind: deleted domain name resolving flaw CVE-2012-1033 - bind: malformed signature records for DNAME...
ALPINE-CVE-2023-50387
Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...
SUSE CVE-2010-3613
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service daemon crash via a query for...
SUSE CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...
AZL-13203 CVE-2022-3736 affecting package bind for versions less than 9.16.37-2
BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and...
ISC BIND 安全漏洞
ISC BIND is a suite of open source software that implements the DNS protocol from the American company ISC. A security vulnerability exists in BIND versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, and 9.19.0 through 9.19.8, which arises from the fact that when stale caching and stale...
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...
AIX 5.3 TL 12 : bind (IV85298) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 6.1 TL 9 : bind (IV84456) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 7.1 TL 3 : bind (IV85296) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 7.1 TL 4 : bind (IV84458) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
AIX 6.1 TL 9 : bind (IV84984) (deprecated)
https://vulners.com/cve/CVE-2016-1285 ISC BIND is vulnerable to a denial of service, caused by the improper handling of control channel input. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to trigger an assertion failure in sexpr.c or alist.c and cause...
bind: malformed signature records for DNAME records can trigger assertion failure
A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...
bind: malformed signature records for DNAME records can trigger assertion failure
A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...