Mandrake Linux Security Advisory : bind (MDKSA-2007:149)

The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 change of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning by an attacker CVE-2007-2926. As well, in BIND9 9.4.x, the...

[SECURITY] [DSA 1342-2] New bind9 packages fix DNS cache poisoning

-------------------------------------------------------------------------- Debian Security Advisory DSA 1341-2 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 25th, 2007 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning

-------------------------------------------------------------------------- Debian Security Advisory DSA 1341-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 25th, 2007 http://www.debian.org/security/faq -...

DSA-1341-2 bind9 - DNS cache poisoning vulnerability

Bulletin has no description...

Debian DSA-1254-1 : bind9 - insufficient input sanitising

It was discovered that the Bind name server daemon is vulnerable to denial of service by triggering an assertion through a crafted DNS query. This only affects installations which use the DNSSEC extentions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

[SECURITY] [DSA 1254-1] New bind9 packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA 1254-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27th, 2007 http://www.debian.org/security/faq -...

FreeBSD : bind9 -- Denial of Service in named(8) (ef3306fc-8f9b-11db-ab33-000e0c2e438a)

Problem Description For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named8 daemon. Also for a recursive DNS server, an assertion failure ca...

Debian DSA-1172-1 : bind9 - programming error

Two vulnerabilities have been discovered in BIND9, the Berkeley Internet Name Domain server. The first relates to SIG query processing and the second relates to a condition that can trigger an INSIST failure, both lead to a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

DSA-1172-1 bind9 - programming error

Bulletin has no description...

USN-343-1: bind9 vulnerabilities

bind did not sufficiently verify particular requests and responses from other name servers and users. By sending a specially crafted packet, a remote attacker could exploit this to crash the name server...

Mandrake Linux Security Advisory : bind (MDKSA-2002:038-1)

A vulnerability was discovered in the BIND9 DNS server in versions prior to 9.2.1. An error condition will trigger the shutdown of the server when the rdataset parameter to the dnsmessagefindtype function in message.c is not NULL as expected. This condition causes the server to assert an error...