Lucene search
K

2379 matches found

CVE
CVE
added 2007/07/24 5:0 p.m.95 views

CVE-2007-2925

CVE-2007-2925 affects ISC BIND 9.4.0/9.4.1 and 9.5.0a1–9.5.0a5 where default ACLs do not enable allow-recursion or allow-query-cache, allowing remote recursion against the cache. Upstream fixes exist (e.g., 9.5.0a6, and related patches for 9.4.x/9.5.x lines). Several advisories note the issue and...

5.8CVSS8.4AI score0.06199EPSS
Exploits0References15Affected Software1
Debian CVE
Debian CVE
added 2007/07/24 5:0 p.m.28 views

CVE-2007-2925

The default access control lists ACL in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache...

5.8CVSS8.3AI score0.06199EPSS
Exploits0
securityvulns
securityvulns
added 2007/07/20 12:0 a.m.28 views

JWIG DoS

Loop on recursive template referencing...

7.8CVSS2.4AI score0.02109EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2007/07/13 6:57 p.m.55 views

USN-483-1: libnet-dns-perl vulnerabilities

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible machine-in-the-middle attacks. CVE-2007-3377 Steffen Ullrich discovered that the Net::DNS Perl module did not correctly...

7.5CVSS7.3AI score0.03489EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/05/01 12:0 a.m.16 views

ISC BIND 9 'query.c' Function Unspecified Recursive Query DoS

Binary data 3978.prm...

7.1CVSS7.3AI score0.07614EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2007/05/01 12:0 a.m.35 views

ISC BIND < 9.4.1 / 9.5.0a4 query.c query_addsoa Function Recursive Query DoS

The version of BIND installed on the remote host reportedly is affected by a denial of service vulnerability that may be triggered when handling certain sequences of recursive queries. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25121; scriptversion"1.21";...

7.1CVSS6.6AI score0.07614EPSS
Exploits0References4
Prion
Prion
added 2007/02/13 1:28 a.m.25 views

Race condition

Race condition in recursive directory deletion with the 1 -r or 2 -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to...

2.6CVSS6.4AI score0.00338EPSS
Exploits0References8Affected Software2
FreeBSD
FreeBSD
added 2007/02/09 12:0 a.m.34 views

bind -- Multiple Denial of Service vulnerabilities

Problem Description: A type ANY query response containing multiple RRsets can trigger an assertion failure. Certain recursive queries can cause the nameserver to crash by using memory which has already been freed. Impact: A remote attacker sending a type ANY query to an authoritative DNS server f...

6.2AI score
Exploits0
Fedora
Fedora
added 2007/01/10 3:57 p.m.30 views

[SECURITY] Fedora Core 5 Update: wget-1.10.2-3.3.fc5

GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest wit...

5CVSS0.8AI score0.03944EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/12/30 12:0 a.m.30 views

FreeBSD : bind9 -- Denial of Service in named(8) (ef3306fc-8f9b-11db-ab33-000e0c2e438a)

Problem Description For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named8 daemon. Also for a recursive DNS server, an assertion failure ca...

7.5CVSS6.7AI score0.12551EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2006/09/15 12:0 a.m.31 views

BIND: Denial of service

Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Queries for SIG records will cause an assertion error if more than one SIG RRset is returned. Additionally, an INSIST failure can be triggered by sending multiple recursive...

7.5CVSS8.5AI score0.12551EPSS
Exploits1
OSV
OSV
added 2006/09/06 12:4 a.m.2 views

DEBIAN-CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

5CVSS6.8AI score0.08684EPSS
Exploits1References1
OSV
OSV
added 2006/09/06 12:4 a.m.6 views

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

7.3AI score
Exploits0References42
Cvelist
Cvelist
added 2006/09/06 12:0 a.m.25 views

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

7.2AI score0.08684EPSS
Exploits1References41
FreeBSD Advisory
FreeBSD Advisory
added 2006/09/06 12:0 a.m.14 views

FreeBSD-SA-06:20.bind

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:20.bind Security Advisory The FreeBSD Project Topic: Denial of Service in named8 Category: contrib Module: bind Announced: 2006-09-06 Credits: The Measurement...

7.5CVSS6.8AI score0.12551EPSS
Exploits1
Debian CVE
Debian CVE
added 2006/09/06 12:0 a.m.27 views

CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

5CVSS6.1AI score0.08684EPSS
Exploits1
FreeBSD
FreeBSD
added 2006/09/06 12:0 a.m.37 views

bind9 -- Denial of Service in named(8)

Problem Description For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named8 daemon. Also for a recursive DNS server, an assertion failure ca...

8.5AI score
Exploits0
CERT
CERT
added 2006/09/05 12:0 a.m.38 views

BIND vulnerable to an INSIST failure via sending of multiple recursive queries

Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...

7.7AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/07/20 1:17 p.m.5 views

security flaw

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service "endless recursive fault" via unknown attack vectors related to a "bad elf entry address."...

1.2CVSS5.8AI score0.00367EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/05/24 9:31 a.m.5 views

security flaw

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service "endless recursive fault" via unknown attack vectors related to a "bad elf entry address."...

1.2CVSS5.8AI score0.00367EPSS
Exploits0References4
Rows per page
Query Builder