Lucene search
+L

148 matches found

OSV
OSV
added 2024/08/23 11:8 a.m.4 views

OESA-2024-2016 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: A...

7.5CVSS6.8AI score0.0468EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/08/19 5:12 a.m.76 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.4AI score0.02114EPSS
Exploits0References3
OSV
OSV
added 2024/08/14 12:0 a.m.20 views

ALSA-2024:5390 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.9AI score0.02114EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2024/08/12 12:0 a.m.5 views

The vulnerability of the BIND DNS server, related to the distribution of resources without restrictions and regulation, allows a hacker to cause a service failure.

The vulnerability of the BIND DNS server is related to the exhaustion of resources on the resolver’s CPU. Exploiting this vulnerability allows a malicious actor to cause service failures by sending SIG0 signed requests...

7.8CVSS7.5AI score0.02114EPSS
Exploits0References13Affected Software9
OSV
OSV
added 2024/08/09 11:8 a.m.4 views

OESA-2024-1970 bind security update

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS6.6AI score0.02114EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/08/09 12:0 a.m.7 views

The vulnerability of the BIND DNS server, related to the use of the assert() function or similar operators, allows attackers to cause a service failure.

The vulnerability of the BIND DNS server relates to the use of the assert function or similar operators. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted requests...

7.8CVSS7.5AI score0.02111EPSS
Exploits0References14Affected Software9
Redos
Redos
added 2024/08/07 12:0 a.m.24 views

ROS-20240807-10

BIND DNS server vulnerability is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending multiple DNS messages over TCP The BIND DNS server vulnerability involves sending a large number of clie...

7.5CVSS6.6AI score0.0468EPSS
Exploits0
Redos
Redos
added 2024/06/11 12:0 a.m.41 views

ROS-20240611-09

A vulnerability in the BIND DNS server is related to a flaw in the use of assert. Exploitation vulnerability could allow an attacker acting remotely to cause a denial of service via the named parameter during DNS64 and serve-stale interaction A vulnerability in the named component of the DNS BIND...

7.5CVSS7.1AI score0.99995EPSS
Exploits1
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.78 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.8AI score0.99995EPSS
Exploits1References14
RedHat Linux
RedHat Linux
added 2024/04/15 1:30 a.m.48 views

Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security updates

Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

7.5CVSS7AI score0.99995EPSS
Exploits1References7
Ubuntu
Ubuntu
added 2024/02/13 3:30 p.m.425 views

USN-6633-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1
OSV
OSV
added 2024/02/13 12:0 a.m.6 views

UBUNTU-CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

7.5CVSS7.1AI score0.01097EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/10/05 2:36 p.m.49 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.5CVSS7AI score0.02626EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2023/10/05 12:0 a.m.56 views

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.1AI score0.02626EPSS
Exploits0References4
Redos
Redos
added 2023/09/08 12:0 a.m.38 views

ROS-20230907-03

The vulnerability in the BIND DNS server is related to a stack buffer overflow when BIND is acting as a "resolver" when the number of recursive queries has reached an acceptable maximum and the server settings have been configured. "resolver", when the number of recursive queries has reached an...

7.5CVSS8.8AI score0.03776EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.18 views

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

7.3AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.60 views

K14201: BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244

Security Advisory Description A vulnerability exists in the BIND DNS server process that may allow a remote attacker to initiate a denial-of-service DoS attack against the DNS service. Impact DNS services may be unavailable and cause a failure in DNS resolution. Security Advisory Status F5 Produc...

7AI score
Exploits0Affected Software9
F5 Networks
F5 Networks
added 2023/02/21 7:30 p.m.50 views

K02230327: BIND vulnerability CVE-2017-3143

Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND...

7.5CVSS7.2AI score0.18157EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.5 views

SUSE CVE-2010-0097

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...

4.3CVSS7.6AI score0.09363EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.4 views

SUSE CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

4CVSS7.5AI score0.06775EPSS
Exploits0References4
Rows per page
Query Builder