11998 matches found
Fedora 32 : 32:bind / bind-dyndb-ldap / dnsperf (2020-a02b7a0f21)
Upstream release notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...
ISC BIND Zone Update Vulnerability (cve-2020-8624)
ISC BIND versions 9.9.12 to 9.9.13, 9.10.7 to 9.10.8, 9.11.3 to 9.11.21, 9.12.1 to 9.16.5, 9.17.0 to 9.17.3 as well as 9.9.12-S1 to 9.9.13-S1, 9.11.3-S1 to 9.11.21-S1 of the BIND 9 Supported Preview Edition are affected by a vulnerability. An authenticated, remote attacker who has been granted...
ISC BIND 9.14.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.14.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS. While query forwarding and QNAME minimization are mutually incompatible...
ISC BIND 9.10.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.10.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS. If BIND is built with --enable-native-pkcs11...
ISC BIND 9.x < 9.11.22, 9.12.x < 9.16.6, 9.17.x < 9.17.4 DoS
According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.x prior to 9.11.22, 9.12.x prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS vulnerability due to an assertion failure when...
[SECURITY] Fedora 32 Update: bind-dyndb-ldap-11.3-2.fc32
This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...
[SECURITY] Fedora 32 Update: bind-9.11.22-1.fc32
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
In BIND 9.15.6 -> 9.16.5 9.17.0 -> 9.17.3 An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure causing the server to exit.
...
Security fix for the ALT Linux 9 package bind version 9.11.22-alt1
9.11.22-alt1 built Aug. 26, 2020 Stanislav Levin in task 256558 Aug. 21, 2020 Stanislav Levin - 9.11.20 - 9.11.22 fixes: CVE-2020-8622, CVE-2020-8623, CVE-2020-8624...
USN-4468-2: Bind vulnerability
USN-4468-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed reques...
USN-4468-2 bind9 vulnerability
USN-4468-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed reques...
AIX 7.1 TL 5 : bind (IJ25924)
https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Bind vulnerabilities (USN-4468-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4468-1 advisory. Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to...
AIX 7.2 TL 3 : bind (IJ25926)
https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2020-234-01)
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-234-01. The text itself is copyright C Slackware Linux,...
AIX 7.2 TL 4 : bind (IJ25927)
https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt3
9.10.8.P1-alt3 built Aug. 24, 2020 Stanislav Levin in task 256547 Aug. 21, 2020 Stanislav Levin - Applied upstream patches fixes: CVE-2020-8622, CVE-2020-8623, CVE-2020-8624...
AIX 7.2 TL 2 : bind (IJ25925)
https://vulners.com/cve/CVE-2020-8616 https://vulners.com/cve/CVE-2020-8616 ISC BIND is vulnerable to a denial of service, caused by the failure to limit the number of fetches performed when processing referrals. By using specially crafted referrals, a remote attacker could exploit this...
Security Bulletin: Vulnerabilities in BIND affect AIX (CVE-2020-8616 and CVE-2020-8617)
Summary There are vulnerabilities in BIND that affect AIX. Vulnerability Details CVEID: CVE-2020-8617 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a logic error in code which checks TSIG validity. A remote attacker could exploit this vulnerability to trigger an assertion...
CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...