7041 matches found
UBUNTU-CVE-2017-3135
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...
Debian DLA-805-1 : bind9 security update
Several denial of service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...
ISC BIND EDNS Option Processing Denial of Service Vulnerability - Windows
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
ISC BIND EDNS Option Processing Denial of Service Vulnerability - Linux
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
PT-2017-8747 · Ruby +2 · Ruby-Saml +2
Name of the Vulnerable Software and Affected Versions: ruby-saml versions prior to 1.3.0 Description: The issue allows attackers to perform XML signature wrapping attacks. This occurs in a specific scenario where a signature references two elements simultaneously, one of which is inside an...
ISC BIND TKEY Query Response Assertion Failure Denial of Service (CVE-2016-9131)
A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause named service to exit with an assertion failure while processing a crafted DNS response packet. A remote, unauthenticated attacker could exploit this vulnerability by providing a...
openSUSE Security Update : bind (openSUSE-2017-114)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
ISC BIND 9 < 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2 Multiple DoS
According to its self-reported version number, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P5 or 9.9.9-S7, 9.10.x prior to 9.10.4-P5, or 9.11.x prior to 9.11.0-P2. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of...
Null pointer dereference
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service assertion failure and crash via vectors related to a ReferenceBlob and a NULL pointer...
CVE-2016-7997
CVE-2016-7997 affects GraphicsMagick 1.3.25 and earlier, where the WPG format reader can trigger a denial-of-service (assertion failure and crash) through vectors related to a ReferenceBlob and a NULL pointer. Connected sources (Mageia, Debian, Fedora advisories, and others) confirm this triage a...
CVE-2016-7997
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service assertion failure and crash via vectors related to a ReferenceBlob and a NULL pointer...
openSUSE Security Update : bind (openSUSE-2017-109)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
bind97 security update
CentOS Errata and Security Advisory CESA-2017:0064 An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
bind: assertion failure while handling a query response containing inconsistent DNSSEC information
A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
bind: assertion failure while handling a query response containing inconsistent DNSSEC information
A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
bind: assertion failure while handling an unusually-formed DS record response
A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
bind: assertion failure while handling a query response containing inconsistent DNSSEC information
A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
bind: assertion failure while processing response to an ANY query
A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
ISC BIND 'nxdomain-redirect' Feature Response DoS Vulnerability - Windows
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
ISC BIND Unusual DS Record Response Denial of Service Vulnerability - Linux
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...