SUSE-SU-2015:2359-1 Security update for bind

This update for bind fixes the following security issue: - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses bsc958861...

ISC BIND named competitive conditions loophole

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A contention condition vulnerability exists in the resolver.c file in named in ISC BIND versions 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2. A...

SUSE-SU-2015:1316-1 Security update for bind

bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries bsc939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet...

SRTT Vulnerability in BIND Software Puts DNS Protocol Security At Risk

After the Heartbleed bug that exposed half of the Internet vulnerable to hackers thereby marking as one of the largest Internet vulnerability in recent history, the critical flaw in the implementation of the DNS protocol could also represent a serious menace to the Internet security. A Serious...

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

CVE-2002-0684

Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr...

Слабые разрешения на ключевые файлы в bind (TSIG keys weak permissions)

Слабые разрешения на файлы в которых хранятся ключи защищенных зон...

[SECURITY] New version of Debian bind packages released

Package: bind Vulnerability: remote Denial of Service Debian-specific: no Vulnerable: yes The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable to a remote denial of service attack, which can cause the nameserver to crash after accessing an uninitialized pointer. This problem is fix...

ISC BIND 8.2.2-P5 - Denial of Service

source: https://www.securityfocus.com/bid/1923/info BIND is the Berkeley Internet Name Daemon, a free Name Resolution software package maintained by the Internet Software Consortium. A Denial of Service exists in current implementations. The problem occurs in the Compressed Zone Transfer ZXFR...

PT-1997-1008 · Isc · Bind

Name of the Vulnerable Software and Affected Versions: BIND affected versions not specified Description: The issue involves DNS cache poisoning via BIND, which is made possible by predictable query IDs. Recommendations: At the moment, there is no information about a newer version that contains a...