198 matches found
bind: malformed DNSSEC key failed assertion denial of service
A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query for example, a query requiring a response from a zone containing a deliberately malformed key that would cause named functioning as ...
UBUNTU-CVE-2015-4620
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing crafted zone data and then...
Securing DNS Essential to Web's Future, Dan Kaminsky
CANCUN – “2015 got weird… really weird.” Those were some of the first words spoken by Dan Kaminsky in his talk today at the Kaspersky Security Analyst Summit Monday. He was referring to a few key events from the last several weeks: the Sony hack debacle, or what he called “North Korean or...
bind: heavy DNSSEC validation load can cause assertion failure
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service assertion...
bind: heavy DNSSEC validation load can cause assertion failure
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service assertion...
EUVD-2010-3610
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...
Alert Standard Format / Remote Management and Control Protocol Detection
Binary data asfrmcpdetect.nbin...
Domains Using .Org to Have Tighter Security
The Public Interest Registry will add an extra layer of security known as DNS Security Extensions DNSSEC to the .org domain in June — a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. Read the full article. Network World...
DEBIAN-CVE-2010-0097
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...
BIND DNSSEC NSEC/NSEC3 validation code could cause bogus NXDOMAIN responses
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records, which allows remote attackers to add the Authenticated Data AD flag to a forged NXDOMAIN response for an existing domain...
FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:01.bind.asc ADV FreeBSD-SA-10:01.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-10:01.bind.asc Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft...
FreeBSD Security Advisory (FreeBSD-SA-10:01.bind.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:01.bind.asc SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
FreeBSD Security Advisory (FreeBSD-SA-07:02.bind.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:02.bind.asc ADV FreeBSD-SA-07:02.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...
FreeBSD Security Advisory (FreeBSD-SA-06:20.bind.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:20.bind.asc ADV FreeBSD-SA-06:20.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...
FreeBSD Security Advisory (FreeBSD-SA-06:20.bind.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:20.bind.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : xorg-server vulnerabilities (USN-616-1)
Multiple flaws were found in the RENDER, RECORD, and Security extensions of X.org which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges or crash X. CVE-2008-1377, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 It...
RHEL 4 : xorg-x11 (RHSA-2008:0503)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0503 advisory. - X.org Record and Security extensions memory corruption CVE-2008-1377 - X.org MIT-SHM extension arbitrary memory read CVE-2008-1379 - X.org...
BIND vulnerable to an assertion failure when querying for SIG records
Overview A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system. Description The Berkeley Internet Name Domain BIND is a popular Domain Name System DNS implementation from Internet Systems Consortium ISC. A flaw exists in the...