bind: Cache poisoning attacks with unsolicited RRs

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

EUVD-2018-17507

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-4408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but...

DEBIAN-CVE-2024-4076

Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1...

SUSE CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

ALPINE-CVE-2017-3141

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-9.2.9, 9.3.2-P1-9.3.6, 9.4.0-9.8.8, 9.9.0-9.9.10, 9.10.0-9.10.5, 9.11.0-9.11.1, 9.9.3-S1-9.9.10-S1,...

CVE-2018-5738

The CVE-2018-5738 issue in BIND stems from Change #4777, causing a regression where, when recursion is enabled, recursion could be allowed to all clients if no match lists are set for allow-query-cache/allow-query. Affected: BIND 9.9.12, 9.10.7, 9.11.3, 9.12.0→9.12.1-P2, 9.13.0 (development), plu...

CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

UBUNTU-CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

SUSE-SU-2016:2401-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. CVE-2016-2776, bsc1000362...

SUSE-SU-2016:2399-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. CVE-2016-2776, bsc1000362...

DEBIAN-CVE-2015-8000

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute...

SUSE-SU-2015:1481-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service crash attack against bind nameservers doing validation on DNSSEC signed records. CVE-2015-5722, bsc944066...

DEBIAN-CVE-2014-0591

The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...

bind: 9.9.3P2 security and bugfix update (important)

The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. CVE-2013-4854, bnc831899...

SuSE 11.1 / 11.2 Security Update : bind (SAT Patch Numbers 6604 / 6605)

The bind nameserver was updated to fix a crash denial of service that might have happened during high DNSSEC validation load. CVE-2012-3817 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. T...

SuSE 10 Security Update : bind (ZYPP Patch Number 8298)

The bind nameserver was updated to version 9.6-ESV-R7-P3 to fix a single security problem, where loading a zone file could have caused an assertion abort of the named service. CVE-2012-4244 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...