SUSE: Security Advisory (SUSE-SU-2023:2789-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Graylog vulnerable to insecure source port usage for DNS queries

Summary Graylog utilises only one single source port for DNS queries. Details Graylog seems to bind a single socket for outgoing DNS queries. That socket is bound to a random port number which is not changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered ho...

SUSE-SU-2023:2789-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm bsc1212544...

ROS-2-1771

2.1771 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1199

2.1199 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1909

2.1909 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

ROS-2-1172

2.1172 Vulnerability in BIND DNS server 1. Vulnerability description: Security issue is related to inefficiency of protection against "DNS rebinding" attacks when operating in the DNS server redirecting requests mode block "forwarders" in the settings.Identifier of the Information Security Threat...

PT-2023-3974 · Linux +10 · Linux Kernel +10

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability in the Linux kernel's net/sched: cls fw component can be exploited to achieve local privilege escalation. If tcf change indev fails, fw set parms will...

Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2023-1d526d551c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for bind (FEDORA-2023-1d526d551c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

libbind9.so is vulnerable to Denial Of Service. The vulnerability exists if the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes and stale-answer-client-timeout 0, which leads to a sequence of serve-stale-related lookups could cause the named to...

[SECURITY] Fedora 37 Update: bind-9.18.16-1.fc37

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 37 Update: bind-dyndb-ldap-11.10-15.fc37

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...

Fedora 37 : bind / bind-dyndb-ldap (2023-1d526d551c)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-1d526d551c advisory. Update to BIND 9.18.16 Selected parts from upstream release notes. Visit that for details of bug fixes. Security Fixes - The overmem cleaning proces...

K000135312: BIND vulnerability CVE-2023-2828

Security Advisory Description Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement i...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2667-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database...

SUSE-SU-2023:2667-1 Security update for bind

This update for bind fixes the following issues: Update to release 9.16.42 Security Fixes: The overmem cleaning process has been improved, to prevent the cache from significantly exceeding the configured max-cache-size limit. CVE-2023-2828 A query that prioritizes stale data over lookup triggers ...

K000135252: BIND vulnerability CVE-2023-2829

Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...

Debian DSA-5439-1 : bind9 - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5439 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

[SECURITY] Fedora 38 Update: bind-dyndb-ldap-11.10-17.fc38

This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server...