CVE-2023-41038 Server crash when using specific form of SET BIND statement

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

CVE-2023-41038

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

Firebird Security Vulnerability

Firebird is an open source cross-platform relational database management system from the Firebird Foundation that provides multiple ANSI SQL-92 features. A security vulnerability exists in Firebird versions 4.0.0 through 4.0.3, 5.0 beta1, which originates from a server crash when using a specific...

PT-2024-2355 · Firebird +1 · Firebird +1

Name of the Vulnerable Software and Affected Versions: Firebird versions 4.0.0 through 4.0.3 Firebird version 5.0 beta1 Description: The issue is related to a server crash when a user uses a specific form of SET BIND statement with a long CHAR length, causing stack corruption. This can be exploit...

bind: flooding with UPDATE requests may lead to DoS

A flaw was found in Bind, where sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This issue may cause named to slow down due to a lack of free memory, resulting in a denial of service DoS...

Moderate: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

CVE-2023-5679 affecting package bind for versions less than 9.19.21-1

CVE-2023-5679 affecting package bind for versions less than 9.19.21-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-6516 affecting package bind for versions less than 9.19.21-1

CVE-2023-6516 affecting package bind for versions less than 9.19.21-1. An upgraded version of the package is available that resolves this issue...

CVE-2019-6470 affecting package bind for versions less than 9.16.44-2

CVE-2019-6470 affecting package bind for versions less than 9.16.44-2. A patched version of the package is available...

CVE-2023-5517 affecting package bind for versions less than 9.19.21-1

CVE-2023-5517 affecting package bind for versions less than 9.19.21-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-4408 affecting package bind for versions less than 9.19.21-1

CVE-2023-4408 affecting package bind for versions less than 9.19.21-1. An upgraded version of the package is available that resolves this issue...

RHEL 8 : bind (RHSA-2024:1406)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1406 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Performance Degradation

BIND is vulnerable to a performance degradation issue when a resolver cache contains a large number of ECS EDNS Client Subnet records for the same name, impacting query performance during the cache database cleanup process...

CVE-2023-6725

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CVE-2023-6725

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CVE-2023-6725 Tripleo-ansible: bind keys are world readable

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CVE-2023-6725 Tripleo-ansible: bind keys are world readable

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CVE-2023-6725

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CVE-2023-6725

An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...

CLSA-2024-1710437162 bind: Fix of 2 CVEs

CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3 - Enable internal tests by default...