Lucene search
+L

159 matches found

OSV
OSV
added 2024/02/13 12:0 a.m.4 views

UBUNTU-CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS5.7AI score0.01327EPSS
Exploits0References5
OSV
OSV
added 2024/02/13 12:0 a.m.3 views

UBUNTU-CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.1AI score0.01231EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/09/23 2:8 a.m.3 views

SUSE CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

7.5CVSS8.4AI score0.0215EPSS
Exploits0References3
OSV
OSV
added 2023/09/20 1:15 p.m.3 views

ALPINE-CVE-2023-4236

A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18...

7.5CVSS7AI score0.0215EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/06/23 1:45 a.m.6 views

SUSE CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References3
OSV
OSV
added 2023/06/21 5:15 p.m.1 views

DEBIAN-CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS7.8AI score0.03776EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/21 4:26 p.m.26 views

CVE-2023-2829 Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7AI score0.00868EPSS
Exploits0References2
OSV
OSV
added 2023/06/21 12:0 a.m.3 views

UBUNTU-CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS6.8AI score0.03776EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.4 views

SUSE CVE-2012-5166

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service named daemon hang via unspecified combinations of resource records...

7.8CVSS7.5AI score0.34196EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:16 a.m.4 views

SUSE CVE-2015-5477

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via TKEY queries...

7.8CVSS6.8AI score0.91284EPSS
Exploits12References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.4 views

SUSE CVE-2017-3138

named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of name...

5.3CVSS7.2AI score0.05478EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.5 views

SUSE CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

7.5CVSS6.8AI score0.59353EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.4 views

SUSE CVE-2018-5744

A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 of th...

7.5CVSS6.8AI score0.03353EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.2 views

SUSE CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

7.5CVSS6.7AI score0.05415EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.8 views

SUSE CVE-2020-8623

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

7.5CVSS7.7AI score0.06348EPSS
Exploits0References112
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.4 views

SUSE CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

5.3CVSS6.7AI score0.08001EPSS
Exploits0References23
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.6 views

SUSE CVE-2022-0396

BIND 9.16.11 - 9.16.26, 9.17.0 - 9.18.0 and versions 9.16.11-S1 - 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSEWAIT status for an indefinite period of time, even after the client has terminated the connection...

5.3CVSS9.3AI score0.02617EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:31 a.m.5 views

SUSE CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

6.5CVSS7.7AI score0.13108EPSS
Exploits0References11
OSV
OSV
added 2023/01/26 9:15 p.m.7 views

AZL-13204 CVE-2022-3094 affecting package bind for versions less than 9.16.37-2

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS7AI score0.13108EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:15 p.m.3 views

ALPINE-CVE-2022-3094

Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions ACLs and is...

7.5CVSS6.8AI score0.13108EPSS
Exploits0References1
Rows per page
Query Builder