VYPR

rpm package

opensuse/bind&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweed

Vulnerabilities (115)

  • CVE-2015-8704MedJan 20, 2016
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.

  • CVE-2015-8461Dec 16, 2015
    affected < 9.16.20-1.4fixed 9.16.20-1.4

    Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.

  • CVE-2015-8000Dec 16, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.

  • CVE-2015-5986Sep 5, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.

  • CVE-2015-5722Sep 5, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

  • CVE-2015-5477Jul 29, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

  • CVE-2015-4620Jul 8, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zo

  • CVE-2015-1349Feb 19, 2015
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect

  • CVE-2014-8680Dec 11, 2014
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.

  • CVE-2014-8500Dec 11, 2014
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.

  • CVE-2014-3859Jun 13, 2014
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv.

  • CVE-2014-3214May 9, 2014
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.

  • CVE-2014-0591Jan 14, 2014
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS quer

  • CVE-2013-4854Jul 29, 2013
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exi

  • CVE-2013-2266Mar 28, 2013
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exha

  • CVE-2012-5689Jan 25, 2013
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAA

  • CVE-2012-5688Dec 6, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

  • CVE-2012-5166Oct 10, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.

  • CVE-2012-4244Sep 14, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.

  • CVE-2012-3868Jul 25, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.

Page 5 of 6