SUSE CVE-2009-1303

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...

SUSE CVE-2009-2909

Integer signedness error in the ax25setsockopt function in net/ax25/afax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service OOPS via a crafted optlen value in an SOBINDTODEVICE operation...

SUSE CVE-2009-4022

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive...

SUSE CVE-2010-0097

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...

SUSE CVE-2010-0213

BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation DLV, allows remote attackers to cause a denial of service infinite loop via a query for an RRSIG record whose answer is not in the cache, which causes BI...

SUSE CVE-2010-0218

ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired RD queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query...

SUSE CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

SUSE CVE-2010-0382

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response...

SUSE CVE-2010-3615

named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism...

SUSE CVE-2011-0414

ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service deadlock and daemon hang by sending a query at the time of 1 an IXFR transfer or 2 a DDNS update...

SUSE CVE-2011-1910

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...

SUSE CVE-2011-1907

ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones RPZ RRset replacement is enabled, allows remote attackers to cause a denial of service assertion failure and daemon exit via an RRSIG query...

SUSE CVE-2011-2464

Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service named daemon crash via a crafted UPDATE request...

SUSE CVE-2011-2465

Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone RPZ contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service named daemon crash via an unspecified query...

SUSE CVE-2011-4313

query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...

SUSE CVE-2012-1033

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...

SUSE CVE-2012-1667

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

SUSE CVE-2012-3868

Race condition in the nsclient structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service memory consumption or process exit via a large volume of TCP queries...

SUSE CVE-2012-4244

ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query for a long resource record...

SUSE CVE-2012-5166

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service named daemon hang via unspecified combinations of resource records...