7011 matches found
CVE-2016-9778
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met...
CVE-2016-9444
CVE-2016-9444 affects ISC BIND 9.x; a crafted DS resource record in an answer can cause the named DNS server to crash via an assertion failure, if the BIND recursion option is enabled. The vulnerability is exploited remotely by an unauthenticated attacker and may cause the named process to exit (...
CVE-2016-9444
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted DS resource record in an answer...
CVE-2016-9131
CVE-2016-9131 concerns ISC BIND and is triggered by improper handling of responses during recursion. A remote attacker can send a malformed RTYPE ANY response to cause an assertion failure and named process exit, i.e., a denial-of-service. Public advisories confirm affected versions across multip...
CVE-2016-9131
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed response to an RTYPE ANY query...
CVE-2016-9444
A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
CVE-2016-9131
A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
SUSE SLES11 Security Update : bind (SUSE-SU-2017:0112-1)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0111-1)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
SUSE-SU-2017:0112-1 Security update for bind
This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
SUSE-SU-2017:0113-1 Security update for bind
This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
CVE-2016-9778
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met...
Debian Security Advisory DSA 3758-1 (bind9 - security update)
Several denial-of-service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...
BIND -- multiple vulnerabilities
ISC reports: A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the cache. Depending on the type of query and the EDNS options in the query they receive,...
ISC BIND 'buffer.c' Assertion Failure Denial of Service Vulnerability - Linux
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
ISC BIND 'buffer.c' Assertion Failure Denial of Service Vulnerability - Windows
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
ISC BIND 9 db.c Assertion Failure Denial of Service Vulnerability
BIND is a suite of open source software for implementing the DNS protocol. A db.c assertion failure denial of service vulnerability exists in ISC BIND 9. When an authoritative server overrides a zone using the nxdomain-redirect feature, an attacker can cause an assertion failure resulting in a...
ISC BIND 9 DNSSEC Assertion Failure Denial of Service Vulnerability
ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A remote denial of service vulnerability exists in ISC BIND named, which can be exploited to cause a denial of service by an attacker who incorrectly...
Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)
Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution. This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based...
ALPINE-CVE-2016-7785
The avireadseek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service assert fault via a crafted AVI file...