7041 matches found
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.
The vulnerability in the WebKit/Source/core/layout/LayoutBlock.cpp function of the Google Chrome browser’s Blink kernel exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause a service failure the appearance of a “Assertion failure” window ...
ISC BIND 9 Multiple DoS
According to its self-reported version number, the instance of ISC BIND running on the remote name server is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in files resolver.c and db.c when handling DNAME resource signatures. An unauthenticated...
bind: malformed signature records for DNAME records can trigger assertion failure
A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash...
SUSE-SU-2016:0780-1 Security update for bind
This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...
SUSE-SU-2016:0759-1 Security update for bind
This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...
Mageia: Security Advisory (MGASA-2016-0107)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2016-665)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2016-0107 Updated bind packages fix security vulnerability
In ISC BIND before 9.10.3-P4, an error parsing input received by the rndc control channel can cause an assertion failure in sexpr.c or alist.c CVE-2016-1285. In ISC BIND before 9.10.3-P4, a problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in...
ISC BIND Query Packet Cookie Option Denial of Service Vulnerability
ISC BIND is a set of open source software that implements the DNS protocol. BIND 9.10 provides native support for DNS cookies or user identification, a mechanism designed to protect the security of the query requestor and domain name servers when they interact. An attacker can maliciously constru...
ISC BIND rndc Control Instance Denial of Service Vulnerability
ISC BIND is a set of open source software that implements the DNS protocol. A design flaw in the BIND rndc control instance's handling of request input can lead to an assertion failure in sexpr.c or alist.c, which can ultimately lead to the exit of the named process when a malformed packet is sen...
Important: bind
Issue Overview: A defect in control channel input handling was discovered which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel. If control channel input is accepted from the network limited to localhost by...
ISC DHCP Denial of Service Vulnerability (CNVD-2016-01603)
ISC DHCP is the United States ISC Internet Systems Consortium company's set of open source Dynamic Host Configuration Protocol server software. A security vulnerability exists in ISC DHCP that stems from the program's failure to limit the number of concurrent TCP sessions. A remote attacker could...
DEBIAN-CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c...
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface...
CVE-2016-1285
CVE-2016-1285 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). The issue arises from improper handling of control-channel input to rndc, causing assertion failure and named daemon exit via a malformed packet. Connected advisories describe related impact for DNAME records (CVE-2...
CVE-2016-1286
CVE-2016-1286 affects ISC BIND 9.x (before 9.9.8-P4 and 9.10.x before 9.10.3-P4). A remote attacker can trigger a denial of service by sending a crafted DNS signature for a DNAME record, leading to an assertion failure in resolver.c or db.c and a named process crash. The issue is documented with ...
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface...
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface...
CVE-2016-2774
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service INSIST assertion failure or request-processing outage by establishing many sessions...
bind -- denial of service vulnerability
ISC reports: A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure...