VYPR

Bind

by Isc

Source repositories

CVEs (201)

  • CVE-2013-3919Jun 6, 2013
    risk 0.00cvss epss 0.05

    resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a…

  • CVE-2012-3868Jul 25, 2012
    risk 0.00cvss epss 0.03

    Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.

  • CVE-2011-1907May 9, 2011
    risk 0.00cvss epss 0.05

    ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.

  • CVE-2010-0218Oct 5, 2010
    risk 0.00cvss epss 0.04

    ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.

  • CVE-2008-4163Sep 22, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.

  • CVE-2007-6283Dec 18, 2007
    risk 0.00cvss epss 0.00

    Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.

  • CVE-2007-5471Oct 16, 2007
    risk 0.00cvss epss 0.03

    libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 SP 1, terminates upon an initialization error, which allows remote attackers to cause a denial of service (daemon exit) via a GSS-TSIG request. NOTE: this issue probably affects…

  • CVE-2007-2925Jul 24, 2007
    risk 0.00cvss epss 0.06

    The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.

  • CVE-2003-0914Dec 15, 2003
    risk 0.00cvss epss 0.03

    ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

  • CVE-2002-2213Dec 31, 2002
    risk 0.00cvss epss 0.02

    The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR)…

  • CVE-2002-2212Dec 31, 2002
    risk 0.00cvss epss 0.02

    The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined…

  • CVE-2002-0684Aug 12, 2002
    risk 0.00cvss epss 0.06

    Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname…

  • CVE-2001-0012Feb 12, 2001
    risk 0.00cvss epss 0.04

    BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.

  • CVE-2000-0335May 3, 2000
    risk 0.00cvss epss 0.02

    The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.

  • CVE-1999-0833Nov 10, 1999
    risk 0.00cvss epss 0.02

    Buffer overflow in BIND 8.2 via NXT records.

  • CVE-1999-0849Nov 10, 1999
    risk 0.00cvss epss 0.03

    Denial of service in BIND named via maxdname.

  • CVE-1999-0851Nov 10, 1999
    risk 0.00cvss epss 0.00

    Denial of service in BIND named via naptr.

  • CVE-1999-0837Nov 10, 1999
    risk 0.00cvss epss 0.03

    Denial of service in BIND by improperly closing TCP sessions via so_linger.

  • CVE-1999-0010Apr 8, 1998
    risk 0.00cvss epss 0.02

    Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

  • CVE-1999-0024Aug 13, 1997
    risk 0.00cvss epss 0.05

    DNS cache poisoning via BIND, by predictable query IDs.

Page 10 of 11