Lucene search
+L

444 matches found

F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.43 views

K59448931: BIND vulnerability CVE-2017-3142

Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely o...

5.3CVSS6.6AI score0.05356EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:32 p.m.23 views

K36328238: The BIG-IP DNS system may erroneously display the TSIG key secret in plain text form

Security Advisory Description The BIG-IP DNS system may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configured a TSIG key in the BIG-IP DNS system. You used one of the following methods to vi...

6.7AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.51 views

K19443402: BIND vulnerability CVE-2021-25216

Security Advisory Description In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are...

9.8CVSS8.6AI score0.82367EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.48 views

K13591074: BIND vulnerability CVE-2020-8625

Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setti...

8.1CVSS7.2AI score0.64161EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:11 p.m.18 views

K03332436: The BIG-IP DNS Configuration utility may erroneously display the TSIG key secret in plain text form

Security Advisory Description The BIG-IP DNS Configuration utility may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configure a TSIG key in the BIG-IP DNS system. You use the Configuration...

6.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:58 a.m.3 views

SUSE CVE-2016-7073

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found...

5.9CVSS6.7AI score0.01233EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.5 views

SUSE CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

6.5CVSS7.7AI score0.05545EPSS
Exploits0References114
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.6 views

SUSE CVE-2020-8625

BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the...

8.1CVSS7.9AI score0.64161EPSS
Exploits0References25
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.3 views

SUSE CVE-2020-24696

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature...

8.1CVSS7.7AI score0.01363EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.5 views

SUSE CVE-2021-25216

In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version an...

8.1CVSS8.6AI score0.82367EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-1244)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.64161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.41 views

EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2023-1244)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview...

8.1CVSS7AI score0.64161EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/09/01 12:0 a.m.45 views

Nutanix AHV : (NXSA-AHV-20201105.1161)

The version of AHV installed on the remote host is prior to 20201105.1161. It is, therefore, affected by a vulnerability as referenced in the NXSA-AHV-20201105.1161 advisory. - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a...

8.1CVSS7AI score0.64161EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-3346-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.18157EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2022/05/20 11:47 p.m.18 views

CVE-2020-24698

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature...

9.8CVSS3.9AI score0.04412EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.61 views

bind security, bug fix, and enhancement update

32:9.11.36-2 - Reduce memory used per-view on machine with few processors 2030239 32:9.11.36-2 - Rebuilt on a new side-tag 2013993 32:9.11.36-1 - Update to 9.11.36 32:9.11.26-9 - Correct tsig system test 32:9.11.26-8 - Propagate ephemeral port ranges to chroot 1950714 32:9.11.26-7 - Do not reques...

5.3CVSS2.4AI score0.08001EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.27 views

AlmaLinux 8 : bind (ALSA-2021:0670)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:0670 advisory. - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default...

8.1CVSS7AI score0.64161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/01/06 12:0 a.m.55 views

EulerOS Virtualization 3.0.2.6 : bind (EulerOS-SA-2021-2867)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration...

8.1CVSS7.5AI score0.64161EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/12/31 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-2867)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.6AI score0.64161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.32 views

NewStart CGSL MAIN 6.02 : bind Vulnerability (NS-SA-2021-0119)

The remote NewStart CGSL host, running version MAIN 6.02, has bind packages installed that are affected by a vulnerability: - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the...

8.1CVSS7AI score0.64161EPSS
Exploits0References3
Rows per page
Query Builder