155 matches found
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2025:01787-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01787-1 advisory. Update to version 9.20.9. - Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure...
ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-3341)
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Alibaba Cloud Linux 3 : 0025: bind (ALINUX3-SA-2021:0025)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0025 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-6465: Controls for zone transfers...
Alibaba Cloud Linux 3 : 0213: bind (ALINUX3-SA-2022:0213)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0213 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-5743: By design, BIND is intended...
EulerOS 2.0 SP12 : bind (EulerOS-SA-2025-1404)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
EulerOS 2.0 SP12 : bind (EulerOS-SA-2025-1403)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
EulerOS 2.0 SP11 : bind (EulerOS-SA-2025-1346)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
EulerOS 2.0 SP13 : bind (EulerOS-SA-2025-1328)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
EulerOS 2.0 SP13 : bind (EulerOS-SA-2025-1311)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...
Security Bulletin: Vulnerabilities in bind and dnsmasq affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
Summary Vulnerabilities in bind and dnsmasq affect IBM Storage Virtualize products and could denial of service. CVE-2022-2795 CVE-2022-3094 CVE-2022-3736 CVE-2022-3924 CVE-2023-4408 CVE-2023-5517 CVE-5679 CVE-2023-6516 CVE-2023-50387 CVE-2023-50868 . Vulnerability Details CVEID:CVE-2022-2795...
GHSA-9XXQ-VVGH-V3R9 vulnerabilities
Vulnerabilities for packages: bind...
RHEL 8 : bind (RHSA-2025:1687)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1687 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
Fedora 41 : bind / bind-dyndb-ldap (2025-3551f3ba1b)
The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-3551f3ba1b advisory. Update to 9.16.33 2342784 Security Fixes: - DNS-over-HTTPS flooding fixes. CVE-2024-12705 - Limit additional section processing for large RDATA sets...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2025:0355-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0355-1 advisory. Update to release 9.18.33 Security Fixes: - CVE-2024-11187: Fixes CPU exhaustion caused by many...
Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2025-838)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-838 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause...
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
Amazon Linux 2 : bind (ALAS-2025-2751)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2751 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in t...
[SECURITY] [DSA 5854-1] bind9 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5854-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2025 https://www.debian.org/security/faq -...
CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load
Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...
USN-7241-1: Bind vulnerabilities
Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial of service. CVE-2024-11187 Jean-François Billaud discovered that the Bind DNS-over-HTTPS...