11994 matches found
ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of TKEY queries. The issue results from the lack of proper validation of...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1939)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1918)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1918)
According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2021:1826-1)
This update for bind fixes the following issues : CVE-2021-25214: Fixed a broken inbound incremental zone update IXFR which could have caused named to terminate unexpectedly bsc1185345. CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that...
EulerOS 2.0 SP9 : bind (EulerOS-SA-2021-1939)
According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...
The vulnerability of the DNS BIND server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.
The vulnerability of the DNS BIND server is related to the lack of use of the assert function. Exploiting this vulnerability allows a malicious actor to cause a service failure through a specially crafted request...
The vulnerability of the BIND DNS server component, related to the lack of use of the assert() function, allows a attacker to cause a service failure.
The vulnerability of the BIND DNS server component is related to the lack of use of the assert function. Exploiting this vulnerability allows a remote attacker to cause a service failure...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
Oracle Linux 8 : bind (ELSA-2021-1989)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1989 advisory. 32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215 Tenable has extracted the preceding description block directly from the Oracle Linu...
runc: vulnerable to symlink exchange attack
The runc package is vulnerable to a symlink exchange attack whereby an attacker can request a seemingly innocuous container configuration that results in the host filesystem being bind-mounted into the container. The highest threat from this vulnerability is to data confidentiality and integrity ...
bind security update
32:9.11.26-4 - Possible assertion failure on DNAME processing CVE-2021-25215...
idm:DL1 and idm:client security, bug fix, and enhancement update
bind-dyndb-ldap 11.6-2 - Rebuild against bind 9.11.26 - Resolves: rhbz1904612 11.6-1 - New upstream release - Resolves: rhbz1891735 ipa 4.9.2-3.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.2-3 - ipa-client-install displays false message 'sudo binary does not seem to ...
Important: bind
Issue Overview: A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more than once which causes an assertion check to fail. The highest threat from this flaw is to system availability. CVE-2021-25215 Affected Packages: bind...
The vulnerability of the libuv library for DNS-servers like Bind9, which allows a hacker to cause a service failure.
The vulnerability of the libuv library for DNS-servers like Bind9 is related to the insufficient use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Amazon Linux 2 : bind (ALAS-2021-1635)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1635 advisory. A flaw was found in bind. The way DNAME records are processed may trigger the same RRset to the ANSWER section to be added more...
MGASA-2021-0220 Updated bind packages fix security vulnerabilities
A broken inbound incremental zone update IXFR can cause named to terminate unexpectedlyCVE-2021-25214. Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215. This affects both...
Updated bind packages fix security vulnerabilities
A broken inbound incremental zone update IXFR can cause named to terminate unexpectedlyCVE-2021-25214. Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215. This affects both...
Linux kernel llcp_sock_bind/connect use-after-free
...