Lucene search
+L

94 matches found

nessus
nessus
added 2012/09/17 12:0 a.m.42 views

ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS

According to its self-reported version number, the remote installation of BIND will exit with an assertion failure if a resource record with RDATA in excess of 65535 bytes is loaded and then subsequently queried. Note that Nessus has only relied on the version itself and has not attempted to...

7.8CVSS6.8AI score0.36798EPSS
Exploits0References6
freebsd
freebsd
added 2012/09/12 12:0 a.m.30 views

dns/bind9* -- Several vulnerabilities

ISC reports: Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes. Prevents a crash when validating caused by using "Bad cache" data before it has been initialized. ISCQUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak...

0.5AI score
Exploits0
redhat
redhat
added 2012/07/23 5:51 p.m.7 views

bind: handling of zero length rdata can cause named to terminate unexpectedly

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

8.5CVSS6.8AI score0.13405EPSS
Exploits1References5
nessus
nessus
added 2012/06/28 12:0 a.m.32 views

FreeBSD : FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) (fc5231b6-c066-11e1-b5e0-000c299b62e1)

Problem description : The named8 server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash o...

8.5CVSS6.7AI score0.13405EPSS
Exploits1References2
freebsd
freebsd
added 2012/06/12 12:0 a.m.36 views

FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8)

Problem description: The named8 server does not properly handle DNS resource records where the RDATA field is zero length, which may cause various issues for the servers handling them. Resolving servers may crash or disclose some portion of memory to the client. Authoritative servers may crash on...

8.5CVSS8.7AI score0.13405EPSS
Exploits1
freebsd_advisory
freebsd_advisory
added 2012/06/12 12:0 a.m.21 views

FreeBSD-SA-12:03.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:03.bind Security Advisory The FreeBSD Project Topic: Incorrect handling of zero-length RDATA fields in named8 Category: contrib Module: bind Announced:...

8.5CVSS6.8AI score0.13405EPSS
Exploits1
opensuse
opensuse
added 2012/06/11 4:8 p.m.42 views

bind: Fixed a remote denial of service (important)

A remote denial of service in the bind nameserver via zero length rdata fields was fixed...

8.5CVSS3.5AI score0.13405EPSS
Exploits1References1
redhat
redhat
added 2012/06/07 4:42 p.m.7 views

bind: handling of zero length rdata can cause named to terminate unexpectedly

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

8.5CVSS6.8AI score0.13405EPSS
Exploits1References5
osv
osv
added 2012/06/05 4:55 p.m.3 views

DEBIAN-CVE-2012-1667

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

8.5CVSS6.5AI score0.13405EPSS
Exploits1References1
prion
prion
added 2012/06/05 4:55 p.m.66 views

Memory corruption

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service daemon crash or data corruption or obta...

8.5CVSS7AI score0.13405EPSS
Exploits1References16Affected Software1
nessus
nessus
added 2012/06/05 12:0 a.m.36 views

FreeBSD : dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory (1ecc0d3f-ae8e-11e1-965b-0024e88a8c98)

ISC reports : Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary server...

8.5CVSS6.8AI score0.13405EPSS
Exploits1References3
cert
cert
added 2012/06/04 12:0 a.m.53 views

ISC BIND 9 zero length rdata named vulnerability

Overview ISC BIND 9 named contains a vulnerability that could allow a attacker to cause named to terminate unexpectedly. Description According to ISC's security advisory:This problem was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null ze...

8.5CVSS8.3AI score0.13405EPSS
Exploits1References1
freebsd
freebsd
added 2012/06/04 12:0 a.m.46 views

dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory

ISC reports: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers...

8.5CVSS8.7AI score0.13405EPSS
Exploits1References1
checkpoint_advisories
checkpoint_advisories
added 2012/02/12 12:0 a.m.5 views

ISC BIND Zero Length RDATA Denial of Service - Ver2 (CVE-2012-1667)

A denial of service vulnerability has been reported in ISC BIND. The vulnerability is due to improper handling of zero-length RDATA in certain record types. A remote attacker can exploit this issue by loading a specially crafted file to the DNS server. Successful exploitation would cause the serv...

8.5CVSS8.2AI score0.13405EPSS
Exploits1
Rows per page
Query Builder