rpm package
opensuse/bind&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweed
Vulnerabilities (109)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-4620 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 8, 2015 | name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zo | ||
| CVE-2015-1349 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Feb 19, 2015 | named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect | ||
| CVE-2014-8680 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 11, 2014 | The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options. | ||
| CVE-2014-8500 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 11, 2014 | ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. | ||
| CVE-2014-3859 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jun 13, 2014 | libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv. | ||
| CVE-2014-3214 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | May 9, 2014 | The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes. | ||
| CVE-2014-0591 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jan 14, 2014 | The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS quer | ||
| CVE-2013-4854 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 29, 2013 | The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exi | ||
| CVE-2013-2266 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Mar 28, 2013 | libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exha | ||
| CVE-2012-5689 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jan 25, 2013 | ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAA | ||
| CVE-2012-5688 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 6, 2012 | ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | ||
| CVE-2012-5166 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Oct 10, 2012 | ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. | ||
| CVE-2012-4244 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Sep 14, 2012 | ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. | ||
| CVE-2012-3868 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 25, 2012 | Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. | ||
| CVE-2012-3817 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 25, 2012 | ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of ser | ||
| CVE-2012-1667 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jun 5, 2012 | ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data | ||
| CVE-2011-4313 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Nov 29, 2011 | query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors relat | ||
| CVE-2011-2464 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 8, 2011 | Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. | ||
| CVE-2011-1910 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | May 31, 2011 | Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRS | ||
| CVE-2011-1907 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | May 9, 2011 | ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. |
- CVE-2015-4620Jul 8, 2015affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zo
- CVE-2015-1349Feb 19, 2015affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect
- CVE-2014-8680Dec 11, 2014affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.
- CVE-2014-8500Dec 11, 2014affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
- CVE-2014-3859Jun 13, 2014affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv.
- CVE-2014-3214May 9, 2014affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.
- CVE-2014-0591Jan 14, 2014affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS quer
- CVE-2013-4854Jul 29, 2013affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exi
- CVE-2013-2266Mar 28, 2013affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exha
- CVE-2012-5689Jan 25, 2013affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAA
- CVE-2012-5688Dec 6, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
- CVE-2012-5166Oct 10, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
- CVE-2012-4244Sep 14, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
- CVE-2012-3868Jul 25, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
- CVE-2012-3817Jul 25, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of ser
- CVE-2012-1667Jun 5, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data
- CVE-2011-4313Nov 29, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors relat
- CVE-2011-2464Jul 8, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
- CVE-2011-1910May 31, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRS
- CVE-2011-1907May 9, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
Page 5 of 6