25 matches found
EUVD-2024-17692
Malicious code in bioql PyPI...
Security Bulletin: AIX is vulnerable to a denial of service due to ISC BIND
Summary Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service CVE-2024-0760, CVE-2024-1737, CVE-2024-4076, CVE-2024-1975. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID:CVE-2024-0760 DESCRIPTION: ISC BIND is vulnerable to a...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-2520)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-2496)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-2545)
The remote host is missing an update for the Huawei EulerOS...
RHEL 7 : bind (RHSA-2024:5894)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5894 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named...
bind: Fix of CVE-2024-1975
CVE-2024-1975: Remove support for SIG0 message verification - Fix tsiggss test...
Fedora 39 : bind / bind-dyndb-ldap (2024-ef8a7031e7)
The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-ef8a7031e7 advisory. Update to BIND 9.18.28 Security Fixes - A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to...
SUSE-SU-2024:2863-1 Security update for bind
This update for bind fixes the following issues: Update to 9.16.50: - Bug Fixes: A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. Using rndc flush inadvertently caused...
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2024:2810-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2810-1 advisory. - CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner...
SUSE SLES15 Security Update : bind (SUSE-SU-2024:2811-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2811-1 advisory. - CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner name, which has the...
SUSE-SU-2024:2811-1 Security update for bind
This update for bind fixes the following issues: - CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a configurable limit to the number of...
ROS-20240807-10
BIND DNS server vulnerability is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending multiple DNS messages over TCP. The BIND DNS server vulnerability involves sending a large number of clie...
Important: bind
Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...
Ubuntu 18.04 LTS : Bind vulnerabilities (USN-6909-2)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6909-2 advisory. USN-6909-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding...
SUSE-SU-2024:2636-1 Security update for bind
This update for bind fixes the following issues: Update to release 9.18.28 Security fixes: - CVE-2024-0760: Fixed a flood of DNS messages over TCP may make the server unstable bsc1228255 - CVE-2024-1737: Fixed BIND's database will be slow if a very large number of RRs exist at the same name...
Denial Of Service (DoS)
libbind9.so is vulnerable to Denial of Service. The vulnerability is due to the handling of "KEY" Resource Records in DNSSEC-signed domains, allowing attackers to exhaust resolver CPU resources by sending a stream of SIG0 signed requests...
CVE-2024-1975
A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resources from the resolver by sending a stream of SIG0...
CVE-2024-1975 SIG(0) can be used to exhaust CPU resources
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...
CVE-2024-1975
CVE-2024-1975 describes a denial-of-service in ISC BIND where a client can exhaust resolver CPU by sending a flood of SIG(0) signed requests if a zone contains a KEY RR or DNSSEC validation occurs from cache. Affected are BIND 9.x builds listed in the CVE description (notably older 9.x releases u...