Filtered by vendor Isc
Subscriptions
Total
222 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0684 | 3 Gnu, Isc, Redhat | 4 Glibc, Bind, Enterprise Linux and 1 more | 2024-08-08 | N/A |
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | ||||
CVE-2002-0651 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | ||||
CVE-2002-0525 | 1 Isc | 1 Inn | 2024-08-08 | N/A |
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses. | ||||
CVE-2002-0400 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2024-08-08 | N/A |
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | ||||
CVE-2002-0029 | 3 Astaro, Isc, Redhat | 3 Security Linux, Bind, Enterprise Linux | 2024-08-08 | N/A |
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | ||||
CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2024-08-08 | N/A |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | ||||
CVE-2003-0039 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2024-08-08 | N/A |
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | ||||
CVE-2003-0026 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2024-08-08 | N/A |
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | ||||
CVE-2004-1006 | 2 Isc, Redhat | 2 Dhcpd, Enterprise Linux | 2024-08-08 | N/A |
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. | ||||
CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-08-08 | N/A |
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | ||||
CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-08-08 | N/A |
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | ||||
CVE-2004-0045 | 1 Isc | 1 Inn | 2024-08-08 | N/A |
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | ||||
CVE-2005-0034 | 1 Isc | 1 Bind | 2024-08-07 | N/A |
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. | ||||
CVE-2005-0033 | 1 Isc | 1 Bind | 2024-08-07 | N/A |
Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. | ||||
CVE-2006-4096 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2024-08-07 | N/A |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | ||||
CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2024-08-07 | 7.5 High |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | ||||
CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2024-08-07 | N/A |
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | ||||
CVE-2006-2073 | 1 Isc | 1 Bind | 2024-08-07 | N/A |
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | ||||
CVE-2006-0987 | 1 Isc | 1 Bind | 2024-08-07 | N/A |
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | ||||
CVE-2006-0527 | 1 Isc | 1 Bind | 2024-08-07 | N/A |
BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. |