Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.19 views

ISC BIND Information Disclosure Vulnerability (CVE-2017-3142) - Linux

ISC BIND is prone to an information disclosure vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

5.3CVSS5.3AI score0.05356EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/06 12:0 a.m.25 views

ISC BIND DoS Vulnerability (CVE-2018-5734) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

7.5CVSS7.5AI score0.06236EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2019/10/09 2:17 p.m.19 views

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

7.5CVSS6.2AI score0.01946EPSS
Exploits0
OSV
OSV
added 2019/01/16 8:29 p.m.23 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

5.9CVSS6.6AI score
Exploits0References8
NVD
NVD
added 2019/01/16 8:29 p.m.20 views

CVE-2017-3140

If named is configured to use Response Policy Zones RPZ an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-9.11.1, 9.9.10-S1, 9.10.5-S1...

5.9CVSS5.5AI score0.1213EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.37 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

7.5CVSS6.9AI score0.18157EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2019/01/16 8:0 p.m.51 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.4AI score0.05356EPSS
Exploits0
Rows per page
Query Builder