8 matches found
K14204: BIND vulnerability CVE-2011-4313
Security Advisory Description ISC reports that query.c in BIND may allow remote attackers to cause a denial-of-service assertion failure and named exit. The vulnerability uses unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. Th...
SolarWinds Hack and the Case of DNS Security
It's not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it's the reason I didn't have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after...
Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial o...
CVE-2011-4313
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...
CVE-2011-4313
Description summary: CVE-2011-4313 affects ISC BIND 9.0.x–9.9.0b1 and can cause a remote denial of service (assertion failure and named exit) triggered by certain recursive DNS query handling and the caching of an invalid record. Root cause / impact: the issue is tied to the resolver’s processing...
CVE-2011-4313
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...
Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit th...
CVE-2002-2211
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed responses, which increases the possibility of...