VYPR

rpm package

opensuse/bind&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/bind&distro=openSUSE%20Tumbleweed

Vulnerabilities (115)

  • CVE-2012-3817Jul 25, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of ser

  • CVE-2012-1667Jun 5, 2012
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data

  • CVE-2011-4313Nov 29, 2011
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors relat

  • CVE-2011-2464Jul 8, 2011
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.

  • CVE-2011-1910May 31, 2011
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRS

  • CVE-2011-1907May 9, 2011
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.

  • CVE-2011-0414Feb 23, 2011
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.

  • CVE-2010-3615Dec 6, 2010
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.

  • CVE-2010-3614Dec 6, 2010
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of servic

  • CVE-2010-3613Dec 6, 2010
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon cra

  • CVE-2009-4022Nov 25, 2009
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by rece

  • CVE-2009-0696Jul 29, 2009
    affected < 9.10.3P4-21.1fixed 9.10.3P4-21.1

    The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the p

  • CVE-2007-2926Jul 24, 2007
    affected < 9.16.20-1.4fixed 9.16.20-1.4

    ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poison

  • CVE-2007-2925Jul 24, 2007
    affected < 9.16.20-1.4fixed 9.16.20-1.4

    The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

  • CVE-2006-4339Sep 5, 2006
    affected < 9.16.20-1.4fixed 9.16.20-1.4

    OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from cor

Page 6 of 6