Lucene search
+L

17 matches found

nessus
nessus
added 2026/02/12 12:0 a.m.3 views

ISC BIND 9.20.0 < 9.20.9 / 9.21.0 < 9.21.8 Assertion Failure (cve-2025-40775)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40775 advisory. - When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains a...

7.5CVSS5.6AI score0.12301EPSS
Exploits1References2
nessus
nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: bind (CVE-2025-40775)

The version of bind installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-40775 advisory. - When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSI...

7.5CVSS5.6AI score0.12301EPSS
Exploits1References2
f5
f5
added 2025/07/23 11:3 p.m.11 views

K000152700: BIND vulnerability CVE-2025-40775

Security Advisory Description When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20...

7.5CVSS7.9AI score0.12301EPSS
Exploits1
cbl_mariner
cbl_mariner
added 2025/07/10 3:9 p.m.8 views

CVE-2025-40775 affecting package bind for versions less than 9.20.9-1

CVE-2025-40775 affecting package bind for versions less than 9.20.9-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.3AI score0.12301EPSS
Exploits1
suse
suse
added 2025/05/30 5:15 p.m.3 views

Security update for bind

This update for bind fixes the following issues: Update to version 9.20.9. Security issues fixed: CVE-2025-40775: denial-of-service due to assertion failure caused by the processing of a NS message with an invalid TSIG bsc1243361. CVE-2024-12705: CPU and memory exhaustion due to DNS-over-HTTPS...

8.7CVSS7.9AI score0.17935EPSS
Exploits1References12
nessus
nessus
added 2025/05/30 12:0 a.m.12 views

Photon OS 5.0: Bindutils PHSA-2025-5.0-0525

An update of the bindutils package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0525. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS8.3AI score0.12301EPSS
Exploits1References2
opensuse
opensuse
added 2025/05/27 12:0 a.m.8 views

bind-9.20.9-1.1 on GA media (moderate)

bind-9.20.9-1.1 on GA media Announcement ID: openSUSE-SU-2025:15156-1 Rating: moderate Cross-References: CVE-2025-40775 CVSS scores: CVE-2025-40775 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-40775 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

8.7CVSS7.3AI score0.12301EPSS
Exploits1
openvas
openvas
added 2025/05/22 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-7526-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.12301EPSS
Exploits1References2
nvd
nvd
added 2025/05/21 1:16 p.m.11 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.12301EPSS
Exploits1References3
osv
osv
added 2025/05/21 1:16 p.m.12 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS7.1AI score0.12301EPSS
Exploits1References3
circl
circl
added 2025/05/21 12:42 p.m.37 views

CVE-2025-40775

creationtimestamp| type| source ---|---|--- 2025-05-21 12:42:29+00:00| seen| https://bsky.app/profile/isc.org/post/3lpomtemjzc2e 2025-05-21 12:55:13+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114545925360783971 2025-05-21 14:11:48+00:00| seen|...

7.5CVSS7.6AI score0.12301EPSS
Exploits1References16
vulnrichment
vulnrichment
added 2025/05/21 12:35 p.m.12 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS6.9AI score0.12301EPSS
Exploits1References1
cve
cve
added 2025/05/21 12:35 p.m.183 views

CVE-2025-40775

CVE-2025-40775 affects ISC BIND 9, specifically versions 9.20.0–9.20.8 and 9.21.0–9.21.7. The root cause is an invalid value in the TSIG algorithm field in an incoming DNS message, which causes BIND to abort with an assertion failure. The impact is remote denial of service via crafted TSIGs. A fi...

7.5CVSS7.5AI score0.12301EPSS
Exploits1References3
cvelist
cvelist
added 2025/05/21 12:35 p.m.22 views

CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS0.12301EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2025/05/21 12:0 a.m.10 views

CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS7.3AI score0.12301EPSS
Exploits1References2
openvas
openvas
added 2025/05/21 12:0 a.m.10 views

ISC BIND DoS Vulnerability (CVE-2025-40775) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

7.5CVSS7.4AI score0.12301EPSS
Exploits1References2
openvas
openvas
added 2025/05/21 12:0 a.m.48 views

ISC BIND DoS Vulnerability (CVE-2025-40775) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

7.5CVSS7.4AI score0.12301EPSS
Exploits1References2
Rows per page
Query Builder