Bind Security Vulnerabilities and Issues — Bind CVE List

Lucene search

IscBind

5 matches found

CVE•added 2004/09/01 4:0 a.m.•530 views

CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.

7.5CVSS9.8AI score0.05437EPSS

CVE•added 2004/09/01 4:0 a.m.•81 views

CVE-2002-1220

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

5CVSS6.3AI score0.19177EPSS

CVE•added 2004/09/01 4:0 a.m.•64 views

CVE-2002-1221

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

5CVSS6.2AI score0.03661EPSS

CVE•added 2004/09/01 4:0 a.m.•61 views

CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

7.5CVSS7.5AI score0.07085EPSS

CVE•added 2004/09/01 4:0 a.m.•52 views

CVE-2002-0400

ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.

5CVSS6.4AI score0.27728EPSS