21 matches found
EUVD-2019-16035
Malware in sbrugna...
K15927: BIND vulnerability CVE-2014-8500
Security Advisory Description ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory consumption and named crash via a large or infinite number of referrals. CVE-2014-8500...
ISC BIND DoS Vulnerability (CVE-2021-25215) - Linux
ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Akamai's DNS Contribution to Internet Resiliency
Background Akamai Technologies recently contributed its "Serve Stale" DNS algorithm to Version 9 of the Internet Systems Consortium's ISC Berkeley Internet Name Domain BIND open source Domain Name System DNS project. As the Internet's most widely used DNS implementation, BIND operates ubiquitousl...
Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20151216)
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...
bind: responses with a malformed class attribute can trigger an assertion failure in db.c
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...
bind: responses with a malformed class attribute can trigger an assertion failure in db.c
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...
bind: responses with a malformed class attribute can trigger an assertion failure in db.c
A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive serve...
Oracle: Security Advisory (ELSA-2011-1459)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2011-1458)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P2-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where an error in the handling...
Oracle Linux 5 : bind97 (ELSA-2011-1459)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1459 advisory. 32:9.7.0-6.P2.4 - fix DOS against recursive servers 754398 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
FreeBSD -- BIND remote denial of service
A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named8 process. This affects both recursive and authoritative servers...
dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory
ISC reports: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers...
bind: Remote denial of service against recursive servers via logging negative cache entry
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...
bind: Remote denial of service against recursive servers via logging negative cache entry
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...
bind: Remote denial of service against recursive servers via logging negative cache entry
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service assertion failure and named exit via unknown vectors related to recursive DNS...
bind97 security update
32:9.7.0-6.P2.4 - fix DOS against recursive servers 754398...
bind security update
32:9.7.3-2.3.P3 - fix DOS against recursive servers 754398 32:9.7.3-2.2.P3 - update to 9.7.3-P3 CVE-2011-2464 32:9.7.3-2.1.P1 - update to 9.7.3-P1 CVE-2011-1910...
DNS Recursion bandwidth amplification Denial of Service PoC
No description provided by source. !/usr/bin/perl Get Net::RawIP at http://search.cpan.org/CPAN/authors/id/S/SZ/SZABGAB/Net-RawIP-0.2101.tar.gz cpan Net::DNS:Resolver seems to work fine on each machine I throw it on, as well. PS: To see if you can spoof, check out the ANA Spoofer project...