Lucene search
K

11994 matches found

Zero Day Initiative
Zero Day Initiative
added 2021/06/07 12:0 a.m.98 views

ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of TKEY queries. The issue results from the lack of proper validation of...

8.1CVSS3.2AI score0.83406EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1939)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.64161EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1918)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.64161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.31 views

EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1918)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...

8.1CVSS7.2AI score0.64161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.44 views

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2021:1826-1)

This update for bind fixes the following issues : CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that...

7.5CVSS7.3AI score0.11296EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.43 views

EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1939)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...

8.1CVSS7.2AI score0.64161EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.7 views

The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

The vulnerability of the DNS BIND server is related to the lack of use of the assert function. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted request...

6.8CVSS7.1AI score0.0594EPSS
Exploits0References20Affected Software9
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.4 views

The vulnerability of the BIND DNS server component, related to the lack of use of the assert() function, allows a attacker to cause a service failure.

The vulnerability of the BIND DNS server component is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause a service failure...

7.3CVSS7AI score0.11296EPSS
Exploits0References17Affected Software11
RedHat Linux
RedHat Linux
added 2021/05/31 7:57 a.m.2 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

8.5CVSS6.9AI score0.06604EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/05/31 7:51 a.m.3 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

8.5CVSS6.9AI score0.06604EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/05/27 12:0 a.m.57 views

Oracle Linux 8 : bind (ELSA-2021-1989)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1989 advisory. 32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.5CVSS7.3AI score0.11296EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/05/26 6:6 a.m.5 views

runc: vulnerable to symlink exchange attack

The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...

8.5CVSS6.9AI score0.06604EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2021/05/26 12:0 a.m.66 views

bind security update

32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215...

7.5CVSS1.8AI score0.11296EPSS
Exploits0
Oracle linux
Oracle linux
added 2021/05/25 12:0 a.m.89 views

idm:DL1 and idm:client security, bug fix, and enhancement update

bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.2-3 - ipa-client-install displays false message 'sudo binary does not seem to ...

6.9CVSS7.1AI score0.8383EPSS
Exploits6
Amazon
Amazon
added 2021/05/24 12:0 a.m.47 views

Important: bind

Issue Overview: A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability. CVE-2021-25215 Affected Packages: bind...

7.5CVSS7.9AI score0.11296EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/05/24 12:0 a.m.7 views

The vulnerability of the libuv library for DNS-servers like Bind9, which allows a hacker to cause a service failure.

The vulnerability of the libuv library for DNS-servers like Bind9 is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.03663EPSS
Exploits0References9Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/05/24 12:0 a.m.51 views

Amazon Linux 2 : bind (ALAS-2021-1635)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1635 advisory. A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more...

7.5CVSS7.2AI score0.11296EPSS
Exploits0References3
OSV
OSV
added 2021/05/23 6:45 p.m.5 views

MGASA-2021-0220 Updated bind packages fix security vulnerabilities

A broken inbound incremental zone update IXFR can cause named to terminate unexpectedlyCVE-2021-25214. Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215. This affects both...

9.8CVSS7.2AI score0.83406EPSS
Exploits0References7
Mageia
Mageia
added 2021/05/23 6:45 p.m.53 views

Updated bind packages fix security vulnerabilities

A broken inbound incremental zone update IXFR can cause named to terminate unexpectedlyCVE-2021-25214. Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215. This affects both...

9.8CVSS4.5AI score0.83406EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2021/05/21 7:0 a.m.2 views

Linux kernel llcp_sock_bind/connect use-after-free

...

7.8CVSS8.2AI score0.00343EPSS
Exploits0
Rows per page
Query Builder