rpm package
opensuse/bind&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweed
Vulnerabilities (115)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-3817 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 25, 2012 | ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of ser | ||
| CVE-2012-1667 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jun 5, 2012 | ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data | ||
| CVE-2011-4313 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Nov 29, 2011 | query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors relat | ||
| CVE-2011-2464 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 8, 2011 | Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. | ||
| CVE-2011-1910 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | May 31, 2011 | Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRS | ||
| CVE-2011-1907 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | May 9, 2011 | ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. | ||
| CVE-2011-0414 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Feb 23, 2011 | ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update. | ||
| CVE-2010-3615 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 6, 2010 | named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism. | ||
| CVE-2010-3614 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 6, 2010 | named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of servic | ||
| CVE-2010-3613 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Dec 6, 2010 | named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon cra | ||
| CVE-2009-4022 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Nov 25, 2009 | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by rece | ||
| CVE-2009-0696 | — | < 9.10.3P4-21.1 | 9.10.3P4-21.1 | Jul 29, 2009 | The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the p | ||
| CVE-2007-2926 | — | < 9.16.20-1.4 | 9.16.20-1.4 | Jul 24, 2007 | ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poison | ||
| CVE-2007-2925 | — | < 9.16.20-1.4 | 9.16.20-1.4 | Jul 24, 2007 | The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache. | ||
| CVE-2006-4339 | — | < 9.16.20-1.4 | 9.16.20-1.4 | Sep 5, 2006 | OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor |
- CVE-2012-3817Jul 25, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of ser
- CVE-2012-1667Jun 5, 2012affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data
- CVE-2011-4313Nov 29, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors relat
- CVE-2011-2464Jul 8, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
- CVE-2011-1910May 31, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRS
- CVE-2011-1907May 9, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
- CVE-2011-0414Feb 23, 2011affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
- CVE-2010-3615Dec 6, 2010affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
- CVE-2010-3614Dec 6, 2010affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of servic
- CVE-2010-3613Dec 6, 2010affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon cra
- CVE-2009-4022Nov 25, 2009affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by rece
- CVE-2009-0696Jul 29, 2009affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the p
- CVE-2007-2926Jul 24, 2007affected < 9.16.20-1.4fixed 9.16.20-1.4
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poison
- CVE-2007-2925Jul 24, 2007affected < 9.16.20-1.4fixed 9.16.20-1.4
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
- CVE-2006-4339Sep 5, 2006affected < 9.16.20-1.4fixed 9.16.20-1.4
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor
Page 6 of 6