EulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1052)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote...

CVE-2017-5986

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

DEBIAN-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

UBUNTU-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

CVE-2017-5981

seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...

bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash

A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response...

Fedora 24 : viewvc (2017-2bce6ed778)

Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

ISC BIND 9 DNS64 and RPZ Assertion Failure Denial of Service Vulnerability

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. ISC BIND 9 suffers from a DNS64 and RPZ Assertion Failure Denial of Service vulnerability. An attacker can exploit the vulnerability by rewriting the que...

High Severity BIND Vulnerability Can Lead to A Crash

The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ function simultaneously. DNS64 is a mechanism for...

Fedora 25 : viewvc (2017-bd3c3c957f)

Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

UBUNTU-CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

Debian DLA-805-1 : bind9 security update

Several denial of service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...

ISC BIND EDNS Option Processing Denial of Service Vulnerability - Windows

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

ISC BIND EDNS Option Processing Denial of Service Vulnerability - Linux

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

PT-2017-8747 · Ruby +2 · Ruby-Saml +2

Name of the Vulnerable Software and Affected Versions: ruby-saml versions prior to 1.3.0 Description: The issue allows attackers to perform XML signature wrapping attacks. This occurs in a specific scenario where a signature references two elements simultaneously, one of which is inside an...

ISC BIND TKEY Query Response Assertion Failure Denial of Service (CVE-2016-9131)

A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause named service to exit with an assertion failure while processing a crafted DNS response packet. A remote, unauthenticated attacker could exploit this vulnerability by providing a...

openSUSE Security Update : bind (openSUSE-2017-114)

This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...

ISC BIND 9 < 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2 Multiple DoS

According to its self-reported version number, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P5 or 9.9.9-S7, 9.10.x prior to 9.10.4-P5, or 9.11.x prior to 9.11.0-P2. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of...

Null pointer dereference

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service assertion failure and crash via vectors related to a ReferenceBlob and a NULL pointer...

CVE-2016-7997

CVE-2016-7997 affects GraphicsMagick 1.3.25 and earlier, where the WPG format reader can trigger a denial-of-service (assertion failure and crash) through vectors related to a ReferenceBlob and a NULL pointer. Connected sources (Mageia, Debian, Fedora advisories, and others) confirm this triage a...