Lucene search
+L

213 matches found

OSV
OSV
added 2016/03/09 8:0 p.m.4 views

UBUNTU-CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface...

6.8CVSS7AI score0.59143EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2016/03/09 12:0 a.m.84 views

bind: denial of service

CVE-2016-1285: Testing by ISC has uncovered a defect in control channel input handling which can cause named to exit due to an assertion failure in sexpr.c or alist.c when a malformed packet is sent to named's control channel the interface which allows named to be controlled using the 'rndc"...

5CVSS0.5AI score0.621EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/07/07 12:0 a.m.15 views

ISC BIND 9 Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS

Binary data 5981.prm...

2.6CVSS7.3AI score0.0888EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/07/07 12:0 a.m.56 views

ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS

According to its self-reported version number, the remote installation of BIND is potentially affected by a denial of service vulnerability. If an attacker sends a specially crafted request to a BIND server that has recursion enabled and Response Policy Zones RPZ configured, it may cause the name...

2.6CVSS5.4AI score0.0888EPSS
Exploits1References2
CERT
CERT
added 2011/07/05 12:0 a.m.49 views

ISC BIND 9 RPZ zone named denial-of-service vulnerability

Overview ISC BIND 9 contains a remote crashing vulnerability when running with certain RPZ configurations. Description According to ISC:A defect in the affected versions of BIND could cause the "named" process to exit when queried, if the server has recursion enabled and was configured with an RP...

2.6CVSS6AI score0.0888EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/01/26 12:0 a.m.38 views

openSUSE Security Update : bind (bind-1845)

bind when configured for DNSSEC could incorrectly cache NXDOMAIN responses CVE-2010-0097. Moreover, the fix for CVE-2009-4022 was incomplete. Despite the previous fix CNAME and DNAME responses could be incorrectly cached CVE-2010-0290. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

4.3CVSS7.2AI score0.09363EPSS
Exploits1References4
OSV
OSV
added 2010/01/22 10:0 p.m.3 views

DEBIAN-CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

4CVSS6.9AI score0.06775EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/01/22 9:20 p.m.28 views

CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

8AI score0.06775EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2010/01/20 3:11 p.m.11 views

BIND upstream fix for CVE-2009-4022 is incomplete

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

4CVSS7.2AI score0.07952EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2010/01/19 12:0 a.m.26 views

CVE-2010-0290

Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query a...

4CVSS7.1AI score0.06775EPSS
Exploits0References3
NVD
NVD
added 2006/06/12 10:2 p.m.10 views

CVE-2006-2974

Multiple cross-site scripting XSS vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errCode and 2 uid parameter in a default.asp and 3 dname parameter in b /admin/dns.asp and c /additional/regdomaindone.asp...

2.6CVSS5.8AI score0.0122EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/06/12 10:0 p.m.19 views

CVE-2006-2974

Multiple cross-site scripting XSS vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 errCode and 2 uid parameter in a default.asp and 3 dname parameter in b /admin/dns.asp and c /additional/regdomaindone.asp...

5.8AI score0.0122EPSS
Exploits1References4
Redos
Redos
added 1976/01/01 12:0 a.m.6 views

ROS-2-2198

2.2198 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS10AI score0.82367EPSS
Exploits0
Rows per page
Query Builder