ISC BIND: Multiple Vulnerabilities

Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Multiple vulnerabilities have been discovered in ISC BIND. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers...

Juniper Junos OS Cache Poisoning (JSA69888)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69888 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier than those...

USN-5626-1: Bind vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of...

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for bind (SUSE-SU-2022:3767-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3767-1 advisory. Update to release 9.16.33: - CVE-2022-2795: Fixed potential performance degredation due to missi...

SUSE: Security Advisory (SUSE-SU-2022:3767-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS: Security Advisory for bind (CESA-2022:6765)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

bind security update

CentOS Errata and Security Advisory CESA-2022:6765 An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE-SU-2022:3767-1 Recommended update for bind

This update for bind fixes the following issues: Update to release 9.16.33: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations bsc1203614. - CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cac...

CentOS 7 : bind (RHSA-2022:6765)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6765 advisory. - By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to...

SUSE SLES15: bind / bind-chrootenv / bind-devel / bind-devel-32bit / bind-doc / etc (SUSE-SU-2022:3729-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3729-1 advisory. - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large...

SUSE: Security Advisory (SUSE-SU-2022:3729-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:3729-1 Security update for bind

This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations bsc1203614. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code fo...

DL1 bug fix and enhancement update

An update is available for ipa, python-jwcrypto, custodia, bind-dyndb-ldap, python-qrcode, softhsm, slapi-nis, python-yubico, python-kdcproxy, opendnssec, ipa-healthcheck, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

SUSE: Security Advisory (SUSE-SU-2022:3682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2022-0388)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated bind packages fix security vulnerability

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 By spoofing the target resolver with responses that have a malformed ECDSA...

SUSE SLED15: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2022:3682-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3682-1 advisory. - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits...

SUSE-SU-2022:3682-1 Security update for bind

This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations bsc1203614. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code fo...

F5 Networks BIG-IP : BIND vulnerability (K27155546)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K27155546 advisory. - By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small...

CVE-2022-42168

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind...