Lucene search
K

14 matches found

F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.34 views

K44501040: BIND vulnerability CVE-2022-2906

Security Advisory Description An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service. CVE-2022-2906 Impact There is ...

7.5CVSS7.3AI score0.01646EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.32 views

GLSA-202210-25 : ISC BIND: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-25 ISC BIND: Multiple Vulnerabilities - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1...

8.2CVSS7AI score0.08001EPSS
Exploits0References13
Cloud Foundry
Cloud Foundry
added 2022/10/28 12:0 a.m.49 views

USN-5626-1: Bind vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of...

8.2CVSS7.2AI score0.02299EPSS
Exploits0Affected Software3
OpenVAS
OpenVAS
added 2022/09/23 12:0 a.m.17 views

ISC BIND DoS Vulnerability (CVE-2022-2906) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

7.5CVSS7.5AI score0.01646EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/09/22 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-5626-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.1AI score0.02299EPSS
Exploits0References2
CISA
CISA
added 2022/09/22 12:0 a.m.35 views

ISC Releases Security Advisories for Multiple Versions of BIND 9

The Internet Systems Consortium ISC has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain BIND 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. For advisories...

2.6AI score0.02299EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.91 views

ISC BIND 9.18.0 < 9.18.7 / 9.19.0 < 9.19.5 Memory Exhaustion (cve-2022-2906)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-2906 advisory. - An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of...

7.5CVSS7.4AI score0.01646EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/09/21 12:49 p.m.28 views

CVE-2022-2906

A flaw was found in the Bind package, where a flaw in ‘named’ can cause a small memory leak in key processing when using TKEY records in Diffie-Hellman mode with OpenSSL 3.0.0 and later versions. This flaw allows an attacker to gradually erode available memory to the point where ‘named’ crashes d...

7.5CVSS4.1AI score0.01646EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2022/09/21 11:39 a.m.81 views

USN-5626-1: Bind vulnerabilities

Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. CVE-2022-2795 It was discovered that Bind incorrectly handled statistics requests. ...

8.2CVSS6.8AI score0.02299EPSS
Exploits0
OSV
OSV
added 2022/09/21 11:15 a.m.33 views

CVE-2022-2906

An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service...

7.5CVSS3.5AI score0.01646EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/09/21 10:15 a.m.5 views

CVE-2022-2906 Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)

An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service...

7.5CVSS7.4AI score0.01646EPSS
Exploits0References3
CVE
CVE
added 2022/09/21 10:15 a.m.95 views

CVE-2022-2906

CVE-2022-2906 affects ISC BIND. The provided documents describe a memory-exhaustion vulnerability that can allow a remote attacker to gradually erode available memory, potentially causing the named DNS server to crash (denial of service) under resource pressure. Several connected sources corrobor...

7.5CVSS7.4AI score0.01646EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/09/21 10:15 a.m.24 views

CVE-2022-2906 Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)

An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service...

7.5CVSS7.7AI score0.01646EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/09/21 12:0 a.m.63 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Bind vulnerabilities (USN-5626-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5626-1 advisory. Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker...

8.2CVSS6.8AI score0.02299EPSS
Exploits0References7
Rows per page
Query Builder