[SECURITY] Fedora 39 Update: bind-dyndb-ldap-11.10-24.fc39

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

The vulnerability of the DNSSEC component of the DNS server BIND implementation allows a attacker to cause service failures.

The vulnerability of DNSSEC implementation in DNS server BIND is related to algorithmic complexity and unlimited resource distribution during the creation of a DNS zone. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Fedora 39 : bind / bind-dyndb-ldap (2024-21310568fa)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-21310568fa advisory. Security Fixes - Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service...

Ubuntu 20.04 LTS : Bind vulnerabilities (USN-6642-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6642-1 advisory. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker...

SUSE CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

SUSE CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

Mageia: Security Advisory (MGASA-2024-0038)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated bind packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Parsing large DNS messages may cause excessive CPU load. CVE-2023-4408 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled. CVE-2023-5517 Enabling both DNS64 and serve-stale may cause an assertion...

SUSE CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

Vulnerabilities fixed in ISC BIND

ISC has fixed vulnerabilities in BIND. A malicious party can exploit the exploit the vulnerabilities to cause a denial-of-service. ISC has released updates to fix the vulnerabilities in BIND 9.19.21, 9.18.24 S1, 9.16.48 S1 For more information, see: https://kb.isc.org/docs/cve-2023-4408...

CVE-2023-5679

A flaw was found in the bind package. This issue may allow an attacker to query in a DNS64 enabled resolver node with a domain name triggering a server-stale data, triggering a code assertion, and resulting in a crash of named processes. This can allow a remote unauthenticated user to cause a...

CVE-2023-5517

A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...

SMB Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an SMB server. Connect back to the attacker Module Options msf use payload/cmd/windows/smb/x64/meterpreter/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

SMB Fetch, Windows x64 Command Shell, Windows x64 Bind TCP Stager

Fetch and execute an x64 payload from an SMB server. Spawn a piped command shell Windows x64 staged. Listen for a connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp...

SMB Fetch, Windows shellcode stage, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/smb/x64/custom/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...sh...

SMB Fetch, Windows x64 Command Shell, Bind TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an SMB server. Spawn a piped command shell Windows x64 staged. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/smb/x64/shell/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid...

SMB Fetch, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an SMB server. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/vncinject/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp show options ...show a...

SMB Fetch, Windows x64 Bind Named Pipe Stager

Fetch and execute an x64 payload from an SMB server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/vncinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...

SMB Fetch, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...

SMB Fetch, Windows x64 Bind Named Pipe Stager

Fetch and execute an x64 payload from an SMB server. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/peinject/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf payloadbindnamedpipe show options...