Lucene search
K

7041 matches found

RedHat Linux
RedHat Linux
added 2016/11/03 8:12 a.m.4 views

squid: wrong error handling for malformed HTTP responses

It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...

7.5CVSS7.2AI score0.09363EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:12 a.m.4 views

squid: some code paths fail to check bounds in string object

Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...

7.5CVSS7.2AI score0.31411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:12 a.m.5 views

squid: wrong error handling for malformed HTTP responses

It was found that squid did not properly handle errors when failing to parse an HTTP response, possibly leading to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...

7.5CVSS7.2AI score0.10236EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:12 a.m.6 views

squid: some code paths fail to check bounds in string object

Incorrect boundary checks were found in the way squid handled headers in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...

7.5CVSS7.2AI score0.09025EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:12 a.m.5 views

squid: denial of service issue in HTTP response processing

An incorrect boundary check was found in the way squid handled the Vary header in HTTP responses, which could lead to an assertion failure. A malicious HTTP server could use this flaw to crash squid using a specially crafted HTTP response...

7.5CVSS7.3AI score0.35265EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/11/03 12:0 a.m.113 views

RHEL 5 / 6 : bind (RHSA-2016:2141)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2141 advisory. - bind: assertion failure while handling responses containing a DNAME answer CVE-2016-8864 Note that Nessus has not tested for this issue but has...

7.5CVSS7.5AI score0.38733EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/11/03 12:0 a.m.31 views

Debian DSA-3703-1 : bind9 - security update

Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial-of-service vulnerability is related to a defect in the processing of responses with DNAME records from authoritative servers and primarily...

7.5CVSS7.4AI score0.38733EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/11/03 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2697-1)

This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. - Fix BIND to return a valid...

7.5CVSS7.4AI score0.38733EPSS
Exploits0References5
Prion
Prion
added 2016/11/02 5:59 p.m.28 views

Design/Logic Flaw

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c...

5CVSS6.9AI score0.38733EPSS
Exploits0References17Affected Software8
OSV
OSV
added 2016/11/02 5:59 p.m.2 views

DEBIAN-CVE-2016-8864

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c...

7.5CVSS7.3AI score0.38733EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/11/02 5:38 p.m.6 views

bind: assertion failure while handling responses containing a DNAME answer

A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS7.1AI score0.38733EPSS
Exploits0References5
Cvelist
Cvelist
added 2016/11/02 5:0 p.m.28 views

CVE-2016-8864

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c...

7.4AI score0.38733EPSS
Exploits0References17
Cent OS
Cent OS
added 2016/11/02 4:6 p.m.90 views

bind97 security update

CentOS Errata and Security Advisory CESA-2016:2142 An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.1AI score0.38733EPSS
Exploits0References7
OSV
OSV
added 2016/11/02 12:0 a.m.25 views

DLA-696-1 bind9 - security update

Bulletin has no description...

7.5CVSS7.2AI score0.38733EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/11/01 12:0 a.m.35 views

BIND -- Remote Denial of Service vulnerability

ISC reports: A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c...

7.5CVSS6.9AI score0.38733EPSS
Exploits0References1
OSV
OSV
added 2016/11/01 12:0 a.m.2 views

UBUNTU-CVE-2016-8864

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c...

7.5CVSS7.2AI score0.38733EPSS
Exploits0References4
OSV
OSV
added 2016/11/01 12:0 a.m.30 views

DSA-3703-1 bind9 - security update

Bulletin has no description...

7.5CVSS7.2AI score0.38733EPSS
Exploits0
ArchLinux
ArchLinux
added 2016/11/01 12:0 a.m.527 views

[ASA-201611-3] bind: denial of service

Arch Linux Security Advisory ASA-201611-3 ========================================= Severity: High Date : 2016-11-01 CVE-ID : CVE-2016-8864 Package : bind Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package bind before version...

7.5CVSS6.9AI score0.38733EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/10/28 12:0 a.m.27 views

F5 BIG-IP - BIND vulnerability CVE-2016-2848

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a...

7.5CVSS7.5AI score0.25772EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/10/26 10:47 a.m.26 views

CVE-2016-8883

The jpcdectiledecode function in jpcdec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service assertion failure via a crafted file...

5.5CVSS4.6AI score0.01402EPSS
Exploits0References1
Rows per page
Query Builder