24 matches found
Amazon Linux 2 : bind (ALAS-2024-2625)
The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2625 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problem...
Oracle Linux 9 : bind (ELSA-2024-2551)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2551 advisory. - Prevent crashing at masterformat system test CVE-2023-6516 - Add downstream change complementing CVE-2023-50387 - Prevent increased CPU load on large...
F5 Networks BIG-IP : BIND vulnerability (K000138990)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2. It is, therefore, affected by a vulnerability as referenced in the K000138990 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not...
CentOS 9 : bind-9.16.23-13.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-13.el9 build changelog. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has...
EulerOS Virtualization 2.10.1 : dhcp (EulerOS-SA-2023-3493)
According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it ha...
EulerOS Virtualization 2.10.0 : bind (EulerOS-SA-2023-2930)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it h...
EulerOS 2.0 SP8 : bind (EulerOS-SA-2023-3113)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...
EulerOS 2.0 SP9 : dhcp (EulerOS-SA-2023-3327)
According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent...
EulerOS Virtualization 3.0.6.0 : bind (EulerOS-SA-2023-3419)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it h...
EulerOS Virtualization 2.9.1 : bind (EulerOS-SA-2023-2949)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it h...
Fedora 39 : bind / bind-dyndb-ldap (2023-c0ff5a2f68)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0ff5a2f68 advisory. Update to BIND 9.18.16 Selected parts from upstream release notes. Visit that for details of bug fixes. Security Fixes - The overmem cleaning proces...
Rocky Linux 8 : bind (RLSA-2023:4102)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4102 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...
EulerOS 2.0 SP9 : bind (EulerOS-SA-2023-2572)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...
Amazon Linux AMI : bind (ALAS-2023-1789)
The version of bind installed on the remote host is prior to 9.8.2-0.68.rc1.90. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1789 advisory. A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished...
Oracle Linux 9 : bind (ELSA-2023-4099)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4099 advisory. 32:9.16.23-11.1 - Improve RBT overmem cache cleaning CVE-2023-2828 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 8 : bind9.16 (ELSA-2023-4100)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4100 advisory. 32:9.16.23-14.1 - Improve RBT overmem cache cleaning CVE-2023-2828 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 8 : bind (ELSA-2023-4102)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4102 advisory. 32:9.11.36-8.1 - Improve RBT overmem cache cleaning CVE-2023-2828 Tenable has extracted the preceding description block directly from the Oracle Linux security...
SUSE SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2794-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2794-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queri...
K000135252: BIND vulnerability CVE-2023-2829
Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...
CVE-2023-2829
A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...