Lucene search
+L

40 matches found

slackware
slackware
added 2023/06/22 1:55 a.m.39 views

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.16.42-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Exceeding the recursive-clients quota may cause named t...

7.5CVSS7.5AI score0.02575EPSS
Exploits0
openvas
openvas
added 2023/06/22 12:0 a.m.23 views

ISC BIND DoS Vulnerability (CVE-2023-2911) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

7.5CVSS7.5AI score0.02575EPSS
Exploits0References1
redhatcve
redhatcve
added 2023/06/21 10:25 p.m.24 views

CVE-2023-2911

A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with stale-answer-enable yes; and stale-answer-client-timeout 0;. A sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly...

7.5CVSS7.1AI score0.02575EPSS
Exploits0References4
osv
osv
added 2023/06/21 5:15 p.m.9 views

AZL-27237 CVE-2023-2911 affecting package bind for versions less than 9.16.44-1

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS7.2AI score0.02575EPSS
Exploits0References1
osv
osv
added 2023/06/21 5:15 p.m.25 views

CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS6.7AI score0.02575EPSS
Exploits0References6
osv
osv
added 2023/06/21 5:15 p.m.4 views

ALPINE-CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS6.8AI score0.02575EPSS
Exploits0References1
prion
prion
added 2023/06/21 5:15 p.m.121 views

Stack overflow

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

5CVSS7.4AI score0.02575EPSS
Exploits0References6Affected Software3
osv
osv
added 2023/06/21 5:11 p.m.22 views

USN-6183-1 bind9 vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-2828 It was discovered that Bind incorrectly handled the...

7.5CVSS6.9AI score0.03776EPSS
Exploits0References3
ubuntu
ubuntu
added 2023/06/21 5:11 p.m.70 views

USN-6183-1: Bind vulnerabilities

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. CVE-2023-2828 It was discovered that Bind incorrectly handled the...

7.5CVSS7.4AI score0.03776EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/06/21 4:26 p.m.21 views

CVE-2023-2911 Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS6.5AI score0.02575EPSS
Exploits0References6
debiancve
debiancve
added 2023/06/21 4:26 p.m.31 views

CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS7.7AI score0.02575EPSS
Exploits0
nessus
nessus
added 2023/06/21 12:0 a.m.42 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Bind vulnerabilities (USN-6183-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6183-1 advisory. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A...

7.5CVSS7.5AI score0.03776EPSS
Exploits0References3
osv
osv
added 2023/06/21 12:0 a.m.3 views

UBUNTU-CVE-2023-2911

If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versio...

7.5CVSS7.2AI score0.02575EPSS
Exploits0References4
osv
osv
added 2023/02/10 9:4 a.m.18 views

SUSE-SU-2023:0341-1 Security update for bind

This update for bind fixes the following issues: - Updated to version 9.16.37 jscSLE-24600: - CVE-2022-3094: Fixed an issue where a message flood could exhaust all available memory bsc1207471. - CVE-2022-3736: Fixed a potential crash upon receiving an RRSIG in configurations with stale cache and...

7.5CVSS7.5AI score0.5017EPSS
Exploits0References7
mscve
mscve
added 2023/02/07 8:0 a.m.3 views

named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

...

7.5CVSS7.8AI score0.15989EPSS
Exploits0
veracode
veracode
added 2023/01/29 2:53 p.m.37 views

Denial Of Service (DoS)

bind is vulnerable to Denial of Service DoS. The vulnerability exists because named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota causing an application crash...

7.5CVSS7.5AI score0.15989EPSS
Exploits0References6Affected Software3
osv
osv
added 2023/01/26 9:16 p.m.3 views

DEBIAN-CVE-2022-3924

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS7.7AI score0.15989EPSS
Exploits0References1
cvelist
cvelist
added 2023/01/25 9:39 p.m.69 views

CVE-2022-3924 named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota

This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...

7.5CVSS7.6AI score0.15989EPSS
Exploits0References1
osv
osv
added 2019/10/09 4:15 p.m.25 views

CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAI...

7.5CVSS6.4AI score0.05415EPSS
Exploits0References2
osv
osv
added 2005/07/19 4:0 a.m.3 views

DEBIAN-CVE-2005-2302

PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion...

2.1CVSS6.8AI score0.00388EPSS
Exploits0References1
Rows per page
Query Builder