VYPR

Vendor CVEs

Isc

All CVEs

270 total · sorted by risk
  • CVE-2005-0034May 2, 2005
    risk 0.01cvss epss 0.06

    An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.

  • CVE-2004-1006Mar 1, 2005
    risk 0.01cvss epss 0.08

    Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.

  • CVE-2004-0461Aug 6, 2004
    risk 0.01cvss epss 0.17

    The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that…

  • CVE-2004-0045Feb 3, 2004
    risk 0.01cvss epss 0.09

    Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.

  • CVE-2003-0039Feb 7, 2003
    risk 0.01cvss epss 0.08

    ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.

  • CVE-2002-2211Dec 31, 2002
    risk 0.01cvss epss 0.08

    BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases…

  • CVE-2002-1219Nov 29, 2002
    risk 0.01cvss epss 0.12

    Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

  • CVE-2002-1221Nov 29, 2002
    risk 0.01cvss epss 0.08

    BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

  • CVE-2002-0029Nov 29, 2002
    risk 0.01cvss epss 0.10

    Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2)…

  • CVE-2002-0651Jul 3, 2002
    risk 0.01cvss epss 0.13

    Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.

  • CVE-2002-0400Jun 18, 2002
    risk 0.01cvss epss 0.14

    ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka…

  • CVE-2001-0013Feb 12, 2001
    risk 0.01cvss epss 0.11

    Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

  • CVE-2001-0011Feb 12, 2001
    risk 0.01cvss epss 0.08

    Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

  • CVE-2000-0888Dec 19, 2000
    risk 0.01cvss epss 0.08

    named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."

  • CVE-2000-0585Jun 24, 2000
    risk 0.01cvss epss 0.07

    ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.

  • CVE-2026-3608Mar 25, 2026
    risk 0.00cvss epss 0.01

    Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and…

  • CVE-2024-28872Jul 11, 2024
    risk 0.00cvss epss 0.00

    The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service…

  • CVE-2023-6516Feb 13, 2024
    risk 0.00cvss epss 0.01

    To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first…

  • CVE-2023-5680Feb 13, 2024
    risk 0.00cvss epss 0.01

    If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through…

  • CVE-2023-5679Feb 13, 2024
    risk 0.00cvss epss 0.01

    A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19,…

  • CVE-2023-5517Feb 13, 2024
    risk 0.00cvss epss 0.01

    A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect ;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN…

  • CVE-2023-4408Feb 13, 2024
    risk 0.00cvss epss 0.01

    The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw.…

  • CVE-2023-4236Sep 20, 2023
    risk 0.00cvss epss 0.02

    A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions…

  • CVE-2023-3341Sep 20, 2023
    risk 0.00cvss epss 0.03

    The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of…

  • CVE-2023-2911Jun 21, 2023
    risk 0.00cvss epss 0.03

    If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This…

  • CVE-2023-2829Jun 21, 2023
    risk 0.00cvss epss 0.01

    A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9…

  • CVE-2023-2828Jun 21, 2023
    risk 0.00cvss epss 0.04

    Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the…

  • CVE-2022-3924Jan 25, 2023
    risk 0.00cvss epss 0.16

    This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase…

  • CVE-2022-3736Jan 25, 2023
    risk 0.00cvss epss 0.50

    BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0…

  • CVE-2022-3094Jan 25, 2023
    risk 0.00cvss epss 0.13

    Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access…

  • CVE-2022-37980Oct 11, 2022
    risk 0.00cvss epss 0.01

    Windows DHCP Client Elevation of Privilege Vulnerability

  • CVE-2022-2929Oct 7, 2022
    risk 0.00cvss epss 0.01

    In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.

  • CVE-2022-2928Oct 7, 2022
    risk 0.00cvss epss 0.01

    In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount…

  • CVE-2022-3080Sep 21, 2022
    risk 0.00cvss epss 0.01

    By sending specific queries to the resolver, an attacker can cause named to crash.

  • CVE-2022-38178Sep 21, 2022
    risk 0.00cvss epss 0.02

    By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

  • CVE-2022-38177Sep 21, 2022
    risk 0.00cvss epss 0.02

    By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

  • CVE-2022-2906Sep 21, 2022
    risk 0.00cvss epss 0.02

    An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.

  • CVE-2022-2881Sep 21, 2022
    risk 0.00cvss epss 0.01

    The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.

  • CVE-2022-2795Sep 21, 2022
    risk 0.00cvss epss 0.01

    By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

  • CVE-2022-1183May 19, 2022
    risk 0.00cvss epss 0.05

    On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and…

  • CVE-2021-25220Mar 23, 2022
    risk 0.00cvss epss 0.03

    BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but…

  • CVE-2022-0635Mar 23, 2022
    risk 0.00cvss epss 0.01

    Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.

  • CVE-2022-0396Mar 23, 2022
    risk 0.00cvss epss 0.03

    BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has…

  • CVE-2022-0667Mar 22, 2022
    risk 0.00cvss epss 0.01

    When the vulnerability is triggered the BIND process will exit. BIND 9.18.0

  • CVE-2021-25219Oct 27, 2021
    risk 0.00cvss epss 0.08

    In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a…

  • CVE-2021-25218Aug 18, 2021
    risk 0.00cvss epss 0.04

    In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND…

  • CVE-2021-31998Jun 10, 2021
    risk 0.00cvss epss 0.00

    A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux…

  • CVE-2021-25217May 26, 2021
    risk 0.00cvss epss 0.06

    In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the…

  • CVE-2021-25215Apr 29, 2021
    risk 0.00cvss epss 0.11

    In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a…

  • CVE-2021-25214Apr 29, 2021
    risk 0.00cvss epss 0.06

    In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of…

Page 4 of 6