Medium: bind

Issue Overview: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12,...

Advisory ROSA-SA-2023-2279

Software: bind 9.11.4 OS: rosa-server79 packageevrstring: bind-9.11.4-26.P2.res7.15.x8664.rpm CVE-ID: CVE-2023-2828 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Each named instance configured to act as a recursive resolver maintains a cache database containing responses to queries it has recently sent ...

Advisory ROSA-SA-2023-2245

Software: bind 9.11.26 OS: ROSA Virtualization 2.1 packageevrstring: bind-9.11.26-6.rv3.src.rpm CVE-ID: CVE-2019-6470 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: There was a bug in a function in one of the ISC BIND libraries that dhcpd used when running in DHCPv6 mode. There was also a bug in dhcpd's...

Advisory ROSA-SA-2023-2121

Software: bind 9.11.4 OS: rosa-server79 packageevrstring: bind-9.11.4-26 CVE-ID: CVE-2022-2795 BDU-ID: 2022-06124 CVE-Crit: HIGH CVE-DESC: A vulnerability in the DNS BIND server is related to improper management of internal resources within the application when processing large delegations...

Amazon Linux AMI : bind (ALAS-2018-1082)

A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.CVE-2018-5740 C Tenable Network Security, Inc...

Amazon Linux AMI : bind (ALAS-2013-158)

A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones RPZ. If a remote attacker sent a specially crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by...