VYPR

Bind

by Isc

CVEs (201)

  • CVE-2022-3080 (Sep 21, 2022)
    risk 0.00 cvss epss 0.01

    By sending specific queries to the resolver, an attacker can cause named to crash.

  • CVE-2022-38178 (Sep 21, 2022)
    risk 0.00 cvss epss 0.02

    By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

  • CVE-2022-38177 (Sep 21, 2022)
    risk 0.00 cvss epss 0.02

    By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

  • CVE-2022-2906 (Sep 21, 2022)
    risk 0.00 cvss epss 0.02

    An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.

  • CVE-2022-2881 (Sep 21, 2022)
    risk 0.00 cvss epss 0.01

    The underlying bug might cause a read past the end of the buffer and either read memory it should not read, or crash the process.

  • CVE-2022-2795 (Sep 21, 2022)
    risk 0.00 cvss epss 0.01

    By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

  • CVE-2022-1183 (May 19, 2022)
    risk 0.00 cvss epss 0.05

    On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and…

  • CVE-2021-25220 (Mar 23, 2022)
    risk 0.00 cvss epss 0.03

    BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but…

  • CVE-2022-0635 (Mar 23, 2022)
    risk 0.00 cvss epss 0.01

    Versions affected: BIND 9.18.0. When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.

  • CVE-2022-0396 (Mar 23, 2022)
    risk 0.00 cvss epss 0.03

    BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has…

  • CVE-2022-0667 (Mar 22, 2022)
    risk 0.00 cvss epss 0.01

    When the vulnerability is triggered the BIND process will exit. BIND 9.18.0

  • CVE-2021-25219 (Oct 27, 2021)
    risk 0.00 cvss epss 0.08

    In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a…

  • CVE-2021-25218 (Aug 18, 2021)
    risk 0.00 cvss epss 0.04

    In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition. When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND…

  • CVE-2021-25215 (Apr 29, 2021)
    risk 0.00 cvss epss 0.11

    In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a…

  • CVE-2021-25214 (Apr 29, 2021)
    risk 0.00 cvss epss 0.06

    In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of…

  • CVE-2020-8624 (Aug 21, 2020)
    risk 0.00 cvss epss 0.04

    In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, an attacker who has been granted privileges to change a specific subset of the…

  • CVE-2020-8622 (Aug 21, 2020)
    risk 0.00 cvss epss 0.06

    In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, an attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated…

  • CVE-2020-8621 (Aug 21, 2020)
    risk 0.00 cvss epss 0.03

    In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, if a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not…

  • CVE-2020-8618 (Jun 17, 2020)
    risk 0.00 cvss epss 0.02

    An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

  • CVE-2019-6477 (Nov 26, 2019)
    risk 0.00 cvss epss 0.04

    With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been…
