MiracleLinux 9 : bind-9.16.23-5.el9 (AXSA:2023-4746:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4746:01 advisory. bind: DNS forwarders - cache poisoning vulnerability CVE-2021-25220 bind: DoS from specifically crafted TCP packets CVE-2022-0396 Tenable has...

MiracleLinux 8 : bind9.16-9.16.23-0.9.el8.1 (AXSA:2022-4253:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4253:06 advisory. bind: DNS forwarders - cache poisoning vulnerability CVE-2021-25220 bind: DoS from specifically crafted TCP packets CVE-2022-0396 Tenable has...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

bind: DNS forwarders - cache poisoning vulnerability

A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...

RHEL 8 : bind and dhcp (RHSA-2024:2720)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2720 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

AIX 7.3 TL 0 : bind (IJ40614)

https://vulners.com/cve/CVE-2021-25220 https://vulners.com/cve/CVE-2021-25220 ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when using DNS forwarders. An attacker could exploit this vulnerability to poison the cache with incorrect records leading to...

AIX 7.2 TL 5 : bind (IJ40615)

https://vulners.com/cve/CVE-2021-25220 https://vulners.com/cve/CVE-2021-25220 ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when using DNS forwarders. An attacker could exploit this vulnerability to poison the cache with incorrect records leading to...

AIX 7.1 TL 5 : bind (IJ40617)

https://vulners.com/cve/CVE-2021-25220 https://vulners.com/cve/CVE-2021-25220 ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when using DNS forwarders. An attacker could exploit this vulnerability to poison the cache with incorrect records leading to...

RHEL 7 : bind (RHSA-2023:0402)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0402 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

RHEL 9 : bind (RHSA-2022:8068)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8068 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

bind: DNS forwarders - cache poisoning vulnerability

A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...

Moderate: dhcp security and enhancement update

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

RHEL 8 : bind9.16 (RHSA-2022:7643)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7643 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

CVE-2021-25220 DNS forwarders - cache poisoning vulnerability

BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as th...

Updated bind packages fix security vulnerability

DNS forwarders - cache poisoning vulnerability. CVE-2021-25220...

MGASA-2022-0108 Updated bind packages fix security vulnerability

DNS forwarders - cache poisoning vulnerability. CVE-2021-25220...

PT-2021-7348

Name of the Vulnerable Software and Affected Versions BIND versions 9.11.0 through 9.11.36 BIND versions 9.12.0 through 9.16.26 BIND versions 9.17.0 through 9.18.0 BIND Supported Preview Editions versions 9.11.4-S1 through 9.11.36-S1 BIND Supported Preview Editions versions 9.16.8-S1 through...

SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

A group of academics from the University of California and Tsinghua University has uncovered a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks. Dubbed "SAD DNS attack" short for Side-channel AttackeD DNS, the technique makes it possible for a maliciou...