2379 matches found
CVE-2007-2925
CVE-2007-2925 affects ISC BIND 9.4.0/9.4.1 and 9.5.0a1–9.5.0a5 where default ACLs do not enable allow-recursion or allow-query-cache, allowing remote recursion against the cache. Upstream fixes exist (e.g., 9.5.0a6, and related patches for 9.4.x/9.5.x lines). Several advisories note the issue and...
CVE-2007-2925
The default access control lists ACL in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache...
JWIG DoS
Loop on recursive template referencing...
USN-483-1: libnet-dns-perl vulnerabilities
Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible machine-in-the-middle attacks. CVE-2007-3377 Steffen Ullrich discovered that the Net::DNS Perl module did not correctly...
ISC BIND 9 'query.c' Function Unspecified Recursive Query DoS
Binary data 3978.prm...
ISC BIND < 9.4.1 / 9.5.0a4 query.c query_addsoa Function Recursive Query DoS
The version of BIND installed on the remote host reportedly is affected by a denial of service vulnerability that may be triggered when handling certain sequences of recursive queries. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25121; scriptversion"1.21";...
Race condition
Race condition in recursive directory deletion with the 1 -r or 2 -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to...
bind -- Multiple Denial of Service vulnerabilities
Problem Description: A type ANY query response containing multiple RRsets can trigger an assertion failure. Certain recursive queries can cause the nameserver to crash by using memory which has already been freed. Impact: A remote attacker sending a type ANY query to an authoritative DNS server f...
[SECURITY] Fedora Core 5 Update: wget-1.10.2-3.3.fc5
GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest wit...
FreeBSD : bind9 -- Denial of Service in named(8) (ef3306fc-8f9b-11db-ab33-000e0c2e438a)
Problem Description For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named8 daemon. Also for a recursive DNS server, an assertion failure ca...
BIND: Denial of service
Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Queries for SIG records will cause an assertion error if more than one SIG RRset is returned. Additionally, an INSIST failure can be triggered by sending multiple recursive...
DEBIAN-CVE-2006-4096
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...
CVE-2006-4096
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...
CVE-2006-4096
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...
FreeBSD-SA-06:20.bind
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:20.bind Security Advisory The FreeBSD Project Topic: Denial of Service in named8 Category: contrib Module: bind Announced: 2006-09-06 Credits: The Measurement...
CVE-2006-4096
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...
bind9 -- Denial of Service in named(8)
Problem Description For a recursive DNS server, a remote attacker sending enough recursive queries for the replies to arrive after all the interested clients have left the recursion queue will trigger an INSIST failure in the named8 daemon. Also for a recursive DNS server, an assertion failure ca...
BIND vulnerable to an INSIST failure via sending of multiple recursive queries
Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...
security flaw
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service "endless recursive fault" via unknown attack vectors related to a "bad elf entry address."...
security flaw
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service "endless recursive fault" via unknown attack vectors related to a "bad elf entry address."...