Lucene search
K

41 matches found

Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-27770

Name of the Vulnerable Software and Affected Versions BIND versions 9.11.0 through 9.16.50 BIND versions 9.18.0 through 9.18.46 BIND versions 9.20.0 through 9.20.20 BIND versions 9.21.0 through 9.21.19 BIND versions 9.11.3-S1 through 9.16.50-S1 BIND versions 9.18.11-S1 through 9.18.46-S1 BIND...

7.8CVSS5.8AI score0.01545EPSS
Exploits0References120
RedHat Linux
RedHat Linux
added 2025/11/24 10:36 a.m.6 views

bind: Cache poisoning attacks with unsolicited RRs

A vulnerability exists in BIND’s DNS resolver logic that makes it overly permissive when accepting resource records RRs in responses. Under certain conditions, this flaw allows attackers to inject unsolicited or forged DNS records into the cache. This can be exploited to poison the resolver cache...

8.6CVSS6AI score0.00509EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/11/11 7:58 p.m.2 views

bind: Resource exhaustion via malformed DNSKEY handling

A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentiall...

7.5CVSS6AI score0.1096EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/05 12:1 p.m.8 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00454EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/22 3:58 p.m.5 views

CVE-2025-8677

A vulnerability was found in BIND 9 resolvers, where processing malformed DNSKEY records from a specially crafted zone can lead to resource exhaustion, primarily causing excessive CPU utilization. This issue enables a remote, unauthenticated attacker to degrade resolver performance and potentiall...

7.5CVSS6.3AI score0.1096EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17514

Malware in sbrugna...

4.9CVSS6.1AI score0.02264EPSS
Exploits0References9
OSV
OSV
added 2023/06/21 5:15 p.m.4 views

DEBIAN-CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS8.1AI score0.02575EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.4 views

SUSE CVE-2002-1146

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary "read buffer...

5CVSS6.9AI score0.03279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.5 views

SUSE CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS7.6AI score0.02264EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.4 views

SUSE CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS7.2AI score0.15989EPSS
Exploits0References9
OSV
OSV
added 2023/01/26 9:16 p.m.3 views

ALPINE-CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS6.7AI score0.15989EPSS
Exploits0References1
OSV
OSV
added 2022/09/21 11:15 a.m.6 views

AZL-11000 CVE-2022-3080 affecting package bind for versions less than 9.16.33-1

By sending specific queries to the resolver, an attacker can cause named to crash...

7.5CVSS7.2AI score0.01555EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.3 views

PT-2022-4939 · Isc +10 · Bind +10

Name of the Vulnerable Software and Affected Versions: BIND versions affected versions not specified Description: The issue is related to a flaw in the resolver code, allowing an attacker to cause the named service to crash by sending specific queries. This can lead to a denial of service DoS...

8.2CVSS7AI score0.02299EPSS
Exploits0References92
Veracode
Veracode
added 2021/11/04 3:26 a.m.312 views

Denial Of Service (DoS)

bind9 is vulnerable to denial of service. The vulnerability exists due to broken authoritative servers using a flaw in response processing that may cause degradation in BIND resolver performance...

5.3CVSS4.6AI score0.08001EPSS
Exploits0References14Affected Software6
Debian CVE
Debian CVE
added 2021/10/27 9:10 p.m.63 views

CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6.1AI score0.08001EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/02/21 12:0 a.m.35 views

CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertio...

4.9CVSS6.6AI score0.02264EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/22 12:0 a.m.57 views

Amazon Linux AMI : bind (ALAS-2018-954)

Improper fetch cleanup sequencing in the resolver can cause named to crash : A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named,...

7.5CVSS6.9AI score0.27725EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/06/28 9:0 a.m.7 views

bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver

A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

7.5CVSS6.8AI score0.08902EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/06/07 4:38 p.m.13 views

bind: deleted domain name resolving flaw

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...

5CVSS6.9AI score0.13538EPSS
Exploits1References5
CERT
CERT
added 2012/02/08 12:0 a.m.34 views

ISC BIND 9 resolver cache vulnerability

Overview ISC BIND 9 resolver contains a vulnerability that could allow a attacker to keep a domain name in the cache even after it has been deleted from registration. Description According to ISC:I SC has been notified by Haixin Duan a professor at Tsinghua University in Beijing China, who is...

5CVSS8.2AI score0.13538EPSS
Exploits1References2
Rows per page
Query Builder