Lucene search
K

478 matches found

UbuntuCve
UbuntuCve
added 2007/07/24 5:30 p.m.27 views

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

4.3CVSS6.7AI score0.1309EPSS
Exploits0References2
OSV
OSV
added 2007/07/24 5:30 p.m.10 views

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

6.6AI score
Exploits0References67
NVD
NVD
added 2007/07/24 5:30 p.m.28 views

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

4.3CVSS7.1AI score0.1309EPSS
Exploits0References67
Prion
Prion
added 2007/07/24 5:30 p.m.33 views

Design/Logic Flaw

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

4.3CVSS6.4AI score0.1309EPSS
Exploits0References67Affected Software1
Cvelist
Cvelist
added 2007/07/24 5:0 p.m.33 views

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

7.5AI score0.1309EPSS
Exploits0References67
CVE
CVE
added 2007/07/24 5:0 p.m.165 views

CVE-2007-2926

CVE-2007-2926 affects ISC BIND 9.x up to 9.5.0a5, where the DNS query ID generator used during answering resolver questions or sending NOTIFY messages uses a weak RNG. This enables a remote attacker to more easily guess query IDs and poison caches. The issue is specific to outgoing queries from B...

4.3CVSS7.4AI score0.1309EPSS
Exploits0References67Affected Software1
securityvulns
securityvulns
added 2007/07/24 12:0 a.m.45 views

"BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)

I discovered a new weakness in BIND 9 DNS server which enables "DNS Forgery Pharming". An attacker can remotely poison the cache of any BIND 9 caching DNS server and force users who use this DNS server to reach fraudulent websites each time they try to access real websites. BIND 9 is the most...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/05/01 12:0 a.m.17 views

ISC BIND 9 'query.c' Function Unspecified Recursive Query DoS

Binary data 3978.prm...

7.1CVSS7.3AI score0.07614EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2007/02/09 12:0 a.m.15 views

SOL7053 - BIND 9 vulnerabilities - Dereferencing freed fetch context and DNSSEC Validation

This Solution describes vulnerability issues reported in BIND where a remote user can cause denial of service conditions by sending specifically crafted packets to the BIND server. The dereferencing freed fetch context issue results from an issue where the named daemon dereferences a freed fetch...

0.3AI score
Exploits0Affected Software6
Debian CVE
Debian CVE
added 2007/01/25 8:0 p.m.41 views

CVE-2007-0493

Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service named daemon crash via unspecified vectors that cause named to "dereference a freed fetch context."...

7.8CVSS6.3AI score0.12079EPSS
Exploits1
F5 Networks
F5 Networks
added 2006/09/11 12:0 a.m.42 views

SOL6612 - BIND 9: Multiple DoS vulnerabilities VU#697164 and VU#915404

This security advisory describes multiple BIND 9 denial of service vulnerabilities. For information about this advisory, refer to the Internet Systems Consortium website at the following location: F5 Networks Product Development is tracking this issue as ID 314714 formerly CR68956 and ID 264730...

0.9AI score
Exploits0Affected Software6
FreeBSD Advisory
FreeBSD Advisory
added 2006/09/06 12:0 a.m.14 views

FreeBSD-SA-06:20.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:20.bind Security Advisory The FreeBSD Project Topic: Denial of Service in named8 Category: contrib Module: bind Announced: 2006-09-06 Credits: The Measurement...

7.5CVSS6.8AI score0.12551EPSS
Exploits1
FreeBSD Advisory
FreeBSD Advisory
added 2005/06/09 12:0 a.m.16 views

FreeBSD-SA-05:12.bind9

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:12.bind9 Security Advisory The FreeBSD Project Topic: BIND 9 DNSSEC remote denial of service vulnerability Category: core Module: bind9 Announced: 2005-06-09...

4.3CVSS5.7AI score0.06354EPSS
Exploits0
CVE
CVE
added 2004/09/01 4:0 a.m.70 views

CVE-2002-0400

The CVE-2002-0400 issue affects ISC BIND 9 up to 9.2.0 (pre-9.2.1). A remote attacker can cause a DoS shutdown by sending a malformed DNS packet that triggers an internal error in dns_message_findtype() when the rdataset parameter is not NULL. Impact is denial of service (availability impact: par...

5CVSS6.4AI score0.14218EPSS
Exploits0References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.36 views

ISC BIND 9 Multiple DNS Resolver Functions Remote Overflow

Binary data 1002.prm...

7.5CVSS7.3AI score0.05861EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.18 views

ISC BIND 9 'rdataset' Parameter Malformed DNS Packet DoS

Binary data 1001.prm...

5CVSS7.3AI score0.14218EPSS
Exploits0References1
FreeBSD Advisory
FreeBSD Advisory
added 2002/11/15 12:0 a.m.4 views

FreeBSD-SA-02:43.bind

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:43.bind Security Advisory The FreeBSD Project Topic: multiple vulnerabilities in BIND REVISED Category: core Module: bind Announced: 2002-11-15 Credits: ISS X-Force...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2002/06/05 12:0 a.m.44 views

Advisory CA-2002-15 Denial-of-Service Vulnerability in ISC BIND 9

CERT Advisory CA-2002-15 Denial-of-Service Vulnerability in ISC BIND 9 Original release date: June 04, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Domain Name System DNS servers running ISC BIND 9 prior to 9.2.1 Because...

5CVSS7AI score0.14218EPSS
Exploits0
Rows per page
Query Builder