11996 matches found
Security Bulletin: Vulnerability in BIND affects AIX (CVE-2020-8622)
Summary: There is a vulnerability in BIND that affects AIX. Vulnerability Details: CVEID: CVE-2020-8622. DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure when attempting to verify a truncated response to a TSIG-signed request. By sending a specially-crafted...
The vulnerability of the Bind9 DNS-server implementation with the “--enable-native-pkcs11” option allows an attacker to cause a service failure.
The vulnerability of the Bind9 DNS-server implementation with the “--enable-native-pkcs11” option is related to the lack of a mechanism for managing privileges. Exploiting this vulnerability could allow an attacker to cause service failures by sending specially crafted DNS queries signed with an...
The vulnerability of the Bind9 DNS server package lies in the lack of use of the assert() function, which allows an attacker to cause a service failure.
The vulnerability of the Bind9 DNS server package is related to the lack of use of the assert function. Exploiting this vulnerability could allow a malicious actor to cause service failures...
DEBIAN-CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
PT-2024-11109 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a NULL pointer dereference in the pci_epf_test_alloc_space function when the get_features ops of pci_epc_ops return NULL. This occurs when EPC features are not...
Heap corruption via crafted DN strings
Description: A DN may be represented in string form with arbitrary amounts of space around the component values. These spaces are supposed to be ignored, but invalid DN strings with spaces may instead cause a zero byte to be written into out-of-bounds memory. An LDAP bind request can send a strin...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Bind vulnerability (USN-4737-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4737-1 advisory. It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind t...
Important: bind
Issue Overview: A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named process to crash or possibly perform remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as...
Important: bind
Issue Overview: A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named process to crash or possibly perform remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as...
Fedora: Security Advisory for bind (FEDORA-2021-8b4744f152)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux AMI : bind (ALAS-2021-1485)
The version of bind installed on the remote host is prior to 9.8.2-0.68.rc1.86. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1485 advisory. A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the...
[SECURITY] Fedora 34 Update: bind-9.16.11-5.fc34
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...
Amazon Linux 2 : bind (ALAS-2021-1614)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1614 advisory. A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named...
Oracle Linux 6 : bind (ELSA-2021-9117)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9117 advisory. 32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749 Tenable has extracted the preceding description block directly fro...
PT-2021-11783 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel version v5.12-rc5. Description: An out-of-bounds memory access flaw was found in x25_bind in net/x25/af_x25.c. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory...
bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation
A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named process to crash or possibly perform remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
RHEL 8 : bind (RHSA-2021:0922)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0922 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...
Design/Logic Flaw
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mount. Once such a container ...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1647)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...