Advisory ROSA-SA-2021-1803

Software: bind 9.11.4 OS: Cobalt 7.9 CVE-ID: CVE-2018-5744 CVE-Crit: HIGH CVE-DESC: Memory release failure may occur when processing messages with a specific combination of EDNS parameters. Affected versions are BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1 and versions 9.10.7-S...

EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2021-2092)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1995)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-2042)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-2013)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2021-2042)

According to the version of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named...

EulerOS Virtualization for ARM 64 3.0.6.0 : bind (EulerOS-SA-2021-1995)

According to the version of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a...

EulerOS Virtualization for ARM 64 3.0.6.0 : bind (EulerOS-SA-2021-2013)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND...

EulerOS 2.0 SP8 : bind (EulerOS-SA-2021-1975)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported...

Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

MGASA-2021-0275 Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

Amazon Linux 2 : bind (ALAS-2021-1651)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1651 advisory. Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containi...

CVE-2021-0551

In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

Security Bulletin: BIND for IBM i is affected by CVE-2021-25214 and CVE-2021-25215

Summary BIND is used by IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-25214 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a broken inbound incremental zone update IXFR. By sending a specially crafted IXFR, an attacker could exploit...

The vulnerability of the Windows operating system’s Bind Filter Driver allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Windows Bind Filter Driver relates to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

PT-2024-11247 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a possible use-after-free in the smsc75xx bind function. The commit 46a8b29c6306 "net: usb: fix memory leak in smsc75xx bind" fails to clean up the work schedul...

Bugs Lurking in Cisco UC Provisioning Platform

The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a cri-o/runc security vulnerability (CVE-2021-30465)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability found in cri-o/runc that could allow certain container configuration requests to actually result in the host filesystem being bind-mounted into the container allowing for a container escape CVE-2021-30465. Vulnerabilit...

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...