USN-6909-2: Bind vulnerabilities

USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possib...

USN-6909-2 bind9 vulnerabilities

USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possib...

Ubuntu 18.04 LTS : Bind vulnerabilities (USN-6909-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-2 advisory. USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.6.5)

The version of AOS installed on the remote host is prior to 6.5.6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6.5 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause ...

K000140528: BIND vulnerability CVE-2024-0760

Security Advisory Description A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2024:2636-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2636-1 advisory. Update to release 9.18.28 Security fixes: - CVE-2024-0760: Fixed a flood of DNS messages over TC...

SUSE-SU-2024:2636-1 Security update for bind

This update for bind fixes the following issues: Update to release 9.18.28 Security fixes: - CVE-2024-0760: Fixed a flood of DNS messages over TCP may make the server unstable bsc1228255 - CVE-2024-1737: Fixed BIND's database will be slow if a very large number of RRs exist at the same name...

DEBIAN-CVE-2024-41097

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...

SUSE CVE-2024-0760

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

OPENSUSE-SU-2024:14217-1 bind-9.20.0-1.1 on GA media

These are all security issues fixed in the bind-9.20.0-1.1 package on the GA media of openSUSE Tumbleweed...

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software

The Internet Systems Consortium ISC has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain BIND 9 Domain Name System DNS software suite that could be exploited to trigger a denial-of-service DoS condition. "A cyber threat actor could exploit one of...

Assertion Failure

libbind9.so is vulnerable to an Assertion Failure. The vulnerability is due to improper handling of client queries that trigger serving stale data and require lookups in local authoritative zone data, allowing an attacker to disrupt the normal operation of the BIND 9 service, potentially causing ...

ISC Releases Security Advisories for BIND 9

The Internet Systems Consortium ISC released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain BIND 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and...

ISC BIND DoS Vulnerability (CVE-2024-4076) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-0760) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-4076) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-1737) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-0760) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-1737) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

ISC BIND DoS Vulnerability (CVE-2024-1975) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...