Bind@9.9.0 Security Vulnerabilities and Issues — Bind@9.9.0 CVE List

Lucene search

IscBind9.9.0

3 matches found

CVE•added 2019/01/16 8:29 p.m.•522 views

CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1,...

7.5CVSS6.1AI score0.23879EPSS

CVE•added 2019/01/16 8:29 p.m.•439 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with ...

5.3CVSS6.2AI score0.05228EPSS

CVE•added 2019/01/16 8:29 p.m.•434 views

CVE-2017-3136

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were m...

5.9CVSS6.8AI score0.38166EPSS