Lucene search
K

7041 matches found

OSV
OSV
added 2017/02/09 12:0 a.m.3 views

UBUNTU-CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7, 9.9.3 - 9.9.9-P5, 9.9.10b1,...

7.5CVSS6.8AI score0.17108EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/01/30 12:0 a.m.38 views

Debian DLA-805-1 : bind9 security update

Several denial of service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...

7.5CVSS7.4AI score0.40556EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/01/24 12:0 a.m.90 views

ISC BIND EDNS Option Processing Denial of Service Vulnerability - Windows

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

5CVSS7.4AI score0.06978EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/01/24 12:0 a.m.40 views

ISC BIND EDNS Option Processing Denial of Service Vulnerability - Linux

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

5CVSS7.4AI score0.06978EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2017/01/23 12:0 a.m.4 views

PT-2017-8747 · Ruby +2 · Ruby-Saml +2

Name of the Vulnerable Software and Affected Versions: ruby-saml versions prior to 1.3.0 Description: The issue allows attackers to perform XML signature wrapping attacks. This occurs in a specific scenario where a signature references two elements simultaneously, one of which is inside an...

10CVSS8.1AI score0.10684EPSS
Exploits4References21
Check Point Advisories
Check Point Advisories
added 2017/01/22 12:0 a.m.5 views

ISC BIND TKEY Query Response Assertion Failure Denial of Service (CVE-2016-9131)

A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause named service to exit with an assertion failure while processing a crafted DNS response packet. A remote, unauthenticated attacker could exploit this vulnerability by providing a...

5CVSS3.2AI score0.40556EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/19 12:0 a.m.49 views

openSUSE Security Update : bind (openSUSE-2017-114)

This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...

7.5CVSS7.4AI score0.40556EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2017/01/19 12:0 a.m.57 views

ISC BIND 9 < 9.9.9-P5 / 9.9.9-S7 / 9.10.4-P5 / 9.11.0-P2 Multiple DoS

According to its self-reported version number, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.9-P5 or 9.9.9-S7, 9.10.x prior to 9.10.4-P5, or 9.11.x prior to 9.11.0-P2. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of...

7.5CVSS6.8AI score0.40556EPSS
Exploits0References8
Prion
Prion
added 2017/01/18 5:59 p.m.18 views

Null pointer dereference

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service assertion failure and crash via vectors related to a ReferenceBlob and a NULL pointer...

5CVSS6.9AI score0.03354EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/01/18 5:0 p.m.121 views

CVE-2016-7997

CVE-2016-7997 affects GraphicsMagick 1.3.25 and earlier, where the WPG format reader can trigger a denial-of-service (assertion failure and crash) through vectors related to a ReferenceBlob and a NULL pointer. Connected sources (Mageia, Debian, Fedora advisories, and others) confirm this triage a...

7.5CVSS7.9AI score0.03354EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2017/01/18 5:0 p.m.30 views

CVE-2016-7997

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service assertion failure and crash via vectors related to a ReferenceBlob and a NULL pointer...

7.5CVSS8.2AI score0.03354EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/18 12:0 a.m.49 views

openSUSE Security Update : bind (openSUSE-2017-109)

This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...

7.5CVSS7.4AI score0.40556EPSS
Exploits0References7
Cent OS
Cent OS
added 2017/01/17 1:0 p.m.72 views

bind97 security update

CentOS Errata and Security Advisory CESA-2017:0064 An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.1AI score0.24602EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2017/01/16 6:31 a.m.9 views

bind: assertion failure while handling a query response containing inconsistent DNSSEC information

A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.2AI score0.24602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/01/16 6:1 a.m.5 views

bind: assertion failure while handling a query response containing inconsistent DNSSEC information

A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.2AI score0.24602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/01/16 5:51 a.m.7 views

bind: assertion failure while handling an unusually-formed DS record response

A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.1AI score0.18124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/01/16 5:51 a.m.12 views

bind: assertion failure while handling a query response containing inconsistent DNSSEC information

A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.2AI score0.24602EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/01/16 5:51 a.m.5 views

bind: assertion failure while processing response to an ANY query

A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.2AI score0.40556EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2017/01/16 12:0 a.m.37 views

ISC BIND 'nxdomain-redirect' Feature Response DoS Vulnerability - Windows

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

7.5CVSS5.8AI score0.06787EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/01/16 12:0 a.m.27 views

ISC BIND Unusual DS Record Response Denial of Service Vulnerability - Linux

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

7.5CVSS7.5AI score0.18124EPSS
Exploits0References2
Rows per page
Query Builder