CVE-2021-25215

CVE-2021-25215 affects BIND 9 upstream and downstream builds. The vulnerability is an assertion failure in the named process when handling DNAME-related queries, which can cause named to terminate. Affected versions include BIND 9.0.0–9.11.29, 9.12.0–9.16.13, and specific S1/“Supported Preview” b...

CVE-2021-25215

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record...

ISC BIND 安全漏洞

ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from the fact that when answering a query for a DNAME, an assertion check may fail to process a record that requires a DNAME to resolve...

CVE-2019-25037

A flaw was found in unbound. A reachable assertion in the dnamepktcopy function can be triggered by sending invalid packets to the server. The highest threat from this vulnerability is to service availability...

CVE-2019-25036

A flaw was found in unbound. A reachable assertion in the synthcname function can be triggered by sending invalid packets to the server. If asserts are disabled during compilation, this issue might lead to an out-of-bounds write in dnamepktcopy function. The highest threat from this vulnerability...

CVE-2019-25041

A flaw was found in unbound. A reachable assertion in the dnamepktcopy function can be triggered through compressed names. The highest threat from this vulnerability is to service availability...

Unbound Assertion Failure Vulnerability (CNVD-2021-32625)

Unbound is a DNS resolver that supports validation, recursion, and caching features. An assertion failure vulnerability exists in synthcname in versions of Unbound prior to 1.9.5. An attacker could exploit this vulnerability to cause a denial of service...

Unbound Assertion Failure Vulnerability (CNVD-2021-32627)

Unbound is a DNS resolver that supports validation, recursion, and caching features. An assertion failure vulnerability exists in dnamepktcopy in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability via invalid packets to cause a denial of service...

Unbound Assertion Failure Vulnerability

Unbound is a DNS resolver that supports validation, recursion, and caching features. An assertion failure vulnerability exists in dnamepktcopy in versions of Unbound prior to 1.9.5. An attacker can exploit this vulnerability by compressing names to cause an assertion failure...

UBUNTU-CVE-2021-25214

In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malform...

CVE-2021-25215

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record...

UBUNTU-CVE-2021-25215

In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record...

CVE-2019-25041

Unbound before 1.9.5 allows an assertion failure via a compressed name in dnamepktcopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

DEBIAN-CVE-2019-25041

Unbound before 1.9.5 allows an assertion failure via a compressed name in dnamepktcopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

CVE-2019-25041

Unbound before 1.9.5 allows an assertion failure via a compressed name in dnamepktcopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

CVE-2019-25037

Unbound before 1.9.5 allows an assertion failure and denial of service in dnamepktcopy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

CVE-2019-25036

Unbound before 1.9.5 allows an assertion failure and denial of service in synthcname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

Design/Logic Flaw

DISPUTED Unbound before 1.9.5 allows an assertion failure and denial of service in synthcname. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

CVE-2019-25037

Unbound before 1.9.5 allows an assertion failure and denial of service in dnamepktcopy via an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

Design/Logic Flaw

DISPUTED Unbound before 1.9.5 allows an assertion failure via a compressed name in dnamepktcopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...