Lucene search
+L

168 matches found

OSV
OSV
added 2024/02/13 3:30 p.m.13 views

USN-6633-1 bind9 vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. CVE-2023-4408 Elias Heftrig, Haya Schulmann,...

7.5CVSS7AI score0.99995EPSS
Exploits1References6
OSV
OSV
added 2024/02/13 12:0 a.m.3 views

UBUNTU-CVE-2023-50868

The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of service CPU consumption for SHA-1 computations via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification...

7.5CVSS6.8AI score0.99995EPSS
Exploits1References14
F5 Networks
F5 Networks
added 2023/06/27 4:43 p.m.38 views

K000135252: BIND vulnerability CVE-2023-2829

Security Advisory Description A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9...

7.5CVSS7.1AI score0.00868EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/23 1:45 a.m.6 views

SUSE CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS6.9AI score0.00868EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/06/22 6:17 a.m.56 views

CVE-2023-2829

A vulnerability was found in BIND. This security flaw occurs when a named instance is configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled; remote termination can occur using a zone with a malformed...

7.5CVSS7.3AI score0.00868EPSS
Exploits0References4
NVD
NVD
added 2023/06/21 5:15 p.m.28 views

CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7.7AI score0.00868EPSS
Exploits0References2
OSV
OSV
added 2023/06/21 5:15 p.m.6 views

AZL-27305 CVE-2023-2829 affecting package bind for versions less than 9.16.44-1

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7.3AI score0.00868EPSS
Exploits0References1
Prion
Prion
added 2023/06/21 5:15 p.m.131 views

Design/Logic Flaw

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

5CVSS7.5AI score0.00868EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/21 4:26 p.m.63 views

CVE-2023-2829 Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7.8AI score0.00868EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/21 4:26 p.m.26 views

CVE-2023-2829 Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7AI score0.00868EPSS
Exploits0References2
CVE
CVE
added 2023/06/21 4:26 p.m.224 views

CVE-2023-2829

CVE-2023-2829 affects BIND 9: named may terminate when synth-from-dnssec is enabled and a zone contains a malformed NSEC record. Affected versions are BIND 9.16.8-S1–9.16.41-S1 and 9.18.11-S1–9.18.15-S1. The issue is caused by parsing/processing of DNSSEC-cache data (NSEC) and can be triggered re...

7.5CVSS7.7AI score0.00868EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/06/21 4:26 p.m.39 views

CVE-2023-2829

A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through...

7.5CVSS7.1AI score0.00868EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/21 12:0 a.m.39 views

ISC BIND 9.16.8-S1 < 9.16.42-S1 / 9.18.11-S1 < 9.18.16-S1 Vulnerability (cve-2023-2829)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-2829 advisory. - A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated...

7.5CVSS7.5AI score0.00868EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/21 12:0 a.m.5 views

PT-2023-21641 · Isc +1 · Bind 9 +1

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.8-S1 through 9.16.41-S1 BIND 9 versions 9.18.11-S1 through 9.18.15-S1 Description: A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198...

7.5CVSS6.8AI score0.03776EPSS
Exploits0References22
NVD
NVD
added 2023/05/11 1:15 p.m.15 views

CVE-2023-0853

Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF74...

9.8CVSS9.9AI score0.01163EPSS
Exploits0References4
Prion
Prion
added 2023/05/11 1:15 p.m.26 views

Buffer overflow

Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF74...

7.5CVSS9.7AI score0.01163EPSS
Exploits0References4Affected Software45
Cvelist
Cvelist
added 2023/05/11 12:0 a.m.22 views

CVE-2023-0853

Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF74...

9.8CVSS10AI score0.01163EPSS
Exploits0References4
CVE
CVE
added 2023/05/11 12:0 a.m.58 views

CVE-2023-0853

CVE-2023-0853 affects Canon imageCLASS/LBP/ MF series printers. A stack-based buffer overflow in the mDNS NSEC record registering process can allow network-adjacent attackers to trigger a crash or arbitrary code execution. Canon firmware versions prior to 11.05 (11.04 and earlier) on Canon LBP660...

9.8CVSS9.8AI score0.01163EPSS
Exploits0References4Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.35 views

K16576941: ISC BIND vulnerability CVE-2018-5737

Security Advisory Description A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching...

7.5CVSS6.1AI score0.10355EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:31 a.m.4 views

SUSE CVE-2014-0591

The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafted DNS query to an authoritativ...

2.6CVSS7.4AI score0.31671EPSS
Exploits1References5
Rows per page
Query Builder