7041 matches found
bind: assertion failure triggered by a packet with malformed options
A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet...
bind: assertion failure in buffer.c while building responses to a specifically constructed request
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
bind, caching security update
CentOS Errata and Security Advisory CESA-2016:2093 An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whi...
Design/Logic Flaw
ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...
CVE-2016-2848
ISC BIND vulnerability CVE-2016-2848 affects BIND 9.1.0–9.8.4-P2 and 9.9.0–9.9.2-P2, allowing remote attackers to cause a denial of service (assertion failure and daemon exit) by sending malformed options data in an OPT resource record. Exploitation is via specially crafted DNS packets; impact is...
Assertion Error Denial of Service Vulnerability in ISC BIND 9
ISC BIND 9 is a set of DNS domain name resolution service software maintained by the Internet Systems Consortium ISC organization. ISC BIND 9 suffers from an Assertion Error Denial of Service vulnerability. A remote attacker can exploit the vulnerability by sending malformed packets to the server...
bind: assertion failure triggered by a packet with malformed options
A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet...
CVE-2016-2848
A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet...
[SECURITY] [DLA 672-1] bind9 security update
Package : bind9 Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u12 CVE ID : CVE-2016-2848 CVE-2016-2848 A server vulnerable to this defect can be forced to exit with an assertion failure if it receives a malformed packet. Authoritative and recursive servers are both vulnerable. For Debian 7 "Wheezy", these...
CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
DEBIAN-CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
CVE-2016-7795
CVE-2016-7795 affects systemd 231 and earlier, where manager_invoke_notify_message processes a zero-length notify socket message, enabling local users to trigger denial of service (assertion failure and PID 1 hang). Connected advisories (e.g., MiracleLinux AXSA-2016-832:08 and EulerOS security ad...
Debian DLA-645-1 : bind9 security update
CVE-2016-2775 lwresd crash with long query name Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232. CVE-2016-2776 assertion failure due to unspecified crafted query Fix based on 43139-9-9.patch from ISC. For Debian 7 'Wheezy', these problems have been fixed in version...
VulnCheck KEV: CVE-2016-2776
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...
Bind 9 DNS Server - Denial of Service Exploit
Exploit for multiple platform in category dos / poc import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16Q...
ISC BIND 9 - Denial of Service
import socket import struct TARGET = '192.168.200.10', 53 QA = 1 QTSIG = 250 DNSMESSAGEHEADERLEN = 12 def buildbindnukequestion="\x06google\x03com\x00", udpsize=512: queryA = "\x8f\x65\x00\x00\x00\x01\x00\x00\x00\x00\x00\x01" + question + int16QA + "\x00\x01" sweetspot = udpsize -...
Scientific Linux Security Update : bind on SL5.x, SL6.x, SL7.x i386/x86_64 (20160928)
Security Fixes : - A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. CVE-2016-2776 %NASLMINLEVE...
bind: assertion failure in buffer.c while building responses to a specifically constructed request
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet...
bind: assertion failure in buffer.c while building responses to a specifically constructed request
A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet...