7023 matches found
ISC BIND 9.10.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.10.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS. If BIND is built with --enable-native-pkcs11...
ISC BIND 9.14.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.14.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS. While query forwarding and QNAME minimization are mutually incompatible...
ISC BIND 9.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS vulnerability due to an assertion failure when...
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
...
A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
...
A truncated TSIG response can lead to an assertion failure
...
Open-Xchange: Failed assert in `mail_index_transaction_lookup`
To reproduce, run test suite on following input : require"vnd.dovecot.testsuite";require "fileinto";require "mailbox";test"" fileinto:create "Folder"; if testresultexecute testmessage:folder "Folder" 2; Output is with ASAN enabled stack trace testsuite: Panic: file mail-index-transaction-update.c...
AIX 7.2 TL 3 : bind (IJ25926)
https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
CVE-2020-8620
In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...
DEBIAN-CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
ALPINE-CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
ALPINE-CVE-2020-8620
In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...
DEBIAN-CVE-2020-8620
In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...
CVE-2020-8620
In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...
Design/Logic Flaw
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
Authentication flaw
In BIND 9.15.6 - 9.16.5, 9.17.0 - 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...
CVE-2020-8622 A truncated TSIG response can lead to an assertion failure
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
CVE-2020-8623 A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...
CVE-2020-8622
CVE-2020-8622 pertains to ISC BIND and causes an assertion failure leading to a server exit when processing a truncated TSIG-signed response. The vulnerability can be triggered by an attacker on the network path or by exploiting a server receiving a TSIG-signed request, potentially harming availa...
CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...