Bind@9.10.0 Security Vulnerabilities and Issues — Bind@9.10.0 CVE List

Lucene search

IscBind9.10.0

4 matches found

CVE•added 2014/12/11 2:59 a.m.•1170 views

CVE-2014-8500

ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.

7.8CVSS8.2AI score0.43824EPSS

CVE•added 2014/05/09 1:55 a.m.•481 views

CVE-2014-3214

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.

5CVSS8.8AI score0.11256EPSS

CVE•added 2014/06/13 11:19 a.m.•62 views

CVE-2014-3859

libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv.

5CVSS7.2AI score0.29819EPSS

CVE•added 2014/12/11 2:59 a.m.•57 views

CVE-2014-8680

The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.

5.4CVSS6.5AI score0.0304EPSS