444 matches found
K59448931: BIND vulnerability CVE-2017-3142
Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely o...
K36328238: The BIG-IP DNS system may erroneously display the TSIG key secret in plain text form
Security Advisory Description The BIG-IP DNS system may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configured a TSIG key in the BIG-IP DNS system. You used one of the following methods to vi...
K19443402: BIND vulnerability CVE-2021-25216
Security Advisory Description In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are...
K13591074: BIND vulnerability CVE-2020-8625
Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setti...
K03332436: The BIG-IP DNS Configuration utility may erroneously display the TSIG key secret in plain text form
Security Advisory Description The BIG-IP DNS Configuration utility may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configure a TSIG key in the BIG-IP DNS system. You use the Configuration...
SUSE CVE-2016-7073
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found...
SUSE CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
SUSE CVE-2020-8625
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...
SUSE CVE-2020-24696
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature...
SUSE CVE-2021-25216
In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version an...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-1244)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2023-1244)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview...
Nutanix AHV : (NXSA-AHV-20201105.1161)
The version of AHV installed on the remote host is prior to 20201105.1161. It is, therefore, affected by a vulnerability as referenced in the NXSA-AHV-20201105.1161 advisory. - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a...
Ubuntu: Security Advisory (USN-3346-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-24698
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature...
bind security, bug fix, and enhancement update
32:9.11.36-2 - Reduce memory used per-view on machine with few processors 2030239 32:9.11.36-2 - Rebuilt on a new side-tag 2013993 32:9.11.36-1 - Update to 9.11.36 32:9.11.26-9 - Correct tsig system test 32:9.11.26-8 - Propagate ephemeral port ranges to chroot 1950714 32:9.11.26-7 - Do not reques...
AlmaLinux 8 : bind (ALSA-2021:0670)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:0670 advisory. - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default...
EulerOS Virtualization 3.0.2.6 : bind (EulerOS-SA-2021-2867)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-2867)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : bind Vulnerability (NS-SA-2021-0119)
The remote NewStart CGSL host, running version MAIN 6.02, has bind packages installed that are affected by a vulnerability: - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the...