rpm package
suse/bind&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9131 | Hig | 7.5 | < 9.9.6P1-0.36.1 | 9.9.6P1-0.36.1 | Jan 12, 2017 | named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. | |
| CVE-2016-8864 | Hig | 7.5 | < 9.9.6P1-0.33.1 | 9.9.6P1-0.33.1 | Nov 2, 2016 | named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and re | |
| CVE-2016-2776 | Hig | 7.5 | < 9.9.6P1-0.30.1 | 9.9.6P1-0.30.1 | Sep 28, 2016 | buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | |
| CVE-2016-2775 | Med | 5.9 | < 9.9.6P1-0.44.1 | 9.9.6P1-0.44.1 | Jul 19, 2016 | ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | |
| CVE-2016-6170 | Med | 6.5 | < 9.9.6P1-0.44.1 | 9.9.6P1-0.44.1 | Jul 6, 2016 | ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a |
- affected < 9.9.6P1-0.36.1fixed 9.9.6P1-0.36.1
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
- affected < 9.9.6P1-0.33.1fixed 9.9.6P1-0.33.1
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and re
- affected < 9.9.6P1-0.30.1fixed 9.9.6P1-0.30.1
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
- affected < 9.9.6P1-0.44.1fixed 9.9.6P1-0.44.1
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
- affected < 9.9.6P1-0.44.1fixed 9.9.6P1-0.44.1
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a
Page 2 of 2