Lucene search
K

44 matches found

Slackware Linux
Slackware Linux
added 2020/06/18 10:38 p.m.31 views

[slackware-security] bind

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.20-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: It was possible to trigger an INSIST in...

4.9CVSS0.6AI score0.02088EPSS
Exploits0
OSV
OSV
added 2020/06/15 7:54 a.m.6 views

MGASA-2020-0259 Updated bind packages fix security vulnerability

Updated bind packages fix security vulnerabilities: It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service CVE-2019-6477. Lior Shafir, Yehuda Afek, and Anat...

8.6CVSS8.3AI score0.93422EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.251 views

EulerOS 2.0 SP5 : bind (EulerOS-SA-2019-2128)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 'managed-keys' is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for us...

6.5CVSS6.3AI score0.40536EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.23 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Vulnerability (NS-SA-2019-0063)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by a vulnerability: - RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been...

7.5CVSS6.2AI score0.01575EPSS
Exploits0References2
OSV
OSV
added 2018/08/23 11:35 p.m.10 views

MGASA-2018-0353 Updated bind packages fix security vulnerability

Updated bind packages fix security vulnerability: In ISC BIND, a defect in thie "deny-answer-aliases" feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named...

7.5CVSS7.4AI score0.59353EPSS
Exploits0References4
OSV
OSV
added 2018/01/24 10:37 p.m.6 views

MGASA-2018-0092 Updated bind packages fix security vulnerability

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named CVE-2017-3145...

7.5CVSS7.4AI score0.27725EPSS
Exploits0References4
OSV
OSV
added 2017/12/31 12:0 p.m.10 views

MGASA-2017-0478 Updated bind packages fix security vulnerability

It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-9131. It was discovered that Bind incorrectly handled certain malformed responses to an AN...

7.5CVSS6.9AI score0.40556EPSS
Exploits1References20
OSV
OSV
added 2016/11/04 9:24 a.m.7 views

MGASA-2016-0365 Updated bind packages fix security vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...

7.5CVSS7.4AI score0.38733EPSS
Exploits0References4
OSV
OSV
added 2015/12/20 9:15 a.m.8 views

MGASA-2015-0481 Updated bind packages fix security vulnerability

An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible...

5CVSS6.1AI score0.5469EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.35 views

CentOS 6 / 7 : bind (CESA-2015:1705)

"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.8CVSS6.7AI score0.33652EPSS
Exploits0References3
OSV
OSV
added 2015/09/08 7:20 a.m.6 views

MGASA-2015-0341 Updated bind packages fix security vulnerabilities

Updated bind packages fix security vulnerability: Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from ...

7.8CVSS6.4AI score0.33652EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.40 views

CentOS 6 / 7 : bind (CESA-2015:1513)

"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

7.8CVSS6.9AI score0.91284EPSS
Exploits12References3
Slackware Linux
Slackware Linux
added 2015/07/28 7:38 p.m.41 views

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P2-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where an error in the handling...

7.8CVSS7.9AI score0.91284EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2015/03/12 12:0 a.m.31 views

CentOS 6 / 7 : bind (CESA-2015:0672)

"Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

5.4CVSS7.2AI score0.22168EPSS
Exploits0References4
Mageia
Mageia
added 2015/02/21 6:3 p.m.43 views

Updated bind packages fix CVE-2015-1349

Updated bind packages fix security vulnerability: Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects...

5.4CVSS8.5AI score0.22168EPSS
Exploits0References4
OSV
OSV
added 2014/12/10 8:9 p.m.6 views

MGASA-2014-0524 Updated bind packages fix CVE-2014-8500

Updated bind packages fix security vulnerability: By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the...

7.8CVSS6.5AI score0.65683EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.25 views

Oracle Linux 5 / 6 : bind (ELSA-2011-1458)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1458 advisory. - update to 9.7.3-P3 CVE-2011-2464 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

5CVSS7AI score0.19265EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/02/16 12:0 a.m.45 views

VMSA-2013-0001 : VMware vSphere security updates for the authentication service and third-party libraries

a. VMware vSphere client-side authentication memory corruption vulnerability VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere...

10CVSS8.4AI score0.36798EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2012/11/16 12:0 a.m.33 views

VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console

a. VMware vSphere API denial of service vulnerability The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities o...

8.5CVSS7.4AI score0.27383EPSS
Exploits8References11
Slackware Linux
Slackware Linux
added 2009/01/15 3:37 p.m.17 views

bind 10.2/11.0 recompile

Updated bind packages are available for Slackware 10.2 and 11.0 to address a load problem. It was reported that the initial build of these updates complained that the Linux capability module was not present and would refuse to load. It was determined that the packages which were compiled on 10.2...

6.9AI score
Exploits0
Rows per page
Query Builder