rpm package
suse/bind&distro=SUSE Linux Enterprise Software Development Kit 12
pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1286 | Hig | 8.6 | < 9.9.6P1-28.12.1 | 9.9.6P1-28.12.1 | Mar 9, 2016 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. | |
| CVE-2016-1285 | Med | 6.8 | < 9.9.6P1-28.12.1 | 9.9.6P1-28.12.1 | Mar 9, 2016 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka contr | |
| CVE-2015-8704 | Med | 6.5 | < 9.9.6P1-28.9.1 | 9.9.6P1-28.9.1 | Jan 20, 2016 | apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record. | |
| CVE-2015-8000 | — | < 9.9.6P1-28.6.1 | 9.9.6P1-28.6.1 | Dec 16, 2015 | db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. | ||
| CVE-2015-5722 | — | < 9.9.6P1-26.1 | 9.9.6P1-26.1 | Sep 5, 2015 | buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. | ||
| CVE-2015-5477 | — | < 9.9.6P1-23.1 | 9.9.6P1-23.1 | Jul 29, 2015 | named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. | ||
| CVE-2015-4620 | — | < 9.9.6P1-18.1 | 9.9.6P1-18.1 | Jul 8, 2015 | name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zo | ||
| CVE-2015-1349 | — | < 9.9.6P1-18.1 | 9.9.6P1-18.1 | Feb 19, 2015 | named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect |
- affected < 9.9.6P1-28.12.1fixed 9.9.6P1-28.12.1
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
- affected < 9.9.6P1-28.12.1fixed 9.9.6P1-28.12.1
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka contr
- affected < 9.9.6P1-28.9.1fixed 9.9.6P1-28.9.1
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
- CVE-2015-8000Dec 16, 2015affected < 9.9.6P1-28.6.1fixed 9.9.6P1-28.6.1
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
- CVE-2015-5722Sep 5, 2015affected < 9.9.6P1-26.1fixed 9.9.6P1-26.1
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
- CVE-2015-5477Jul 29, 2015affected < 9.9.6P1-23.1fixed 9.9.6P1-23.1
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
- CVE-2015-4620Jul 8, 2015affected < 9.9.6P1-18.1fixed 9.9.6P1-18.1
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zo
- CVE-2015-1349Feb 19, 2015affected < 9.9.6P1-18.1fixed 9.9.6P1-18.1
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect