Filtered by vendor Isc
Total: 222 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-8622 | 9 Canonical, Debian, Fedoraproject and 6 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-09-16 | 6.5 Medium |
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3 (also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition), an attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure and causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | ||||
CVE-2021-25220 | 6 Fedoraproject, Isc, Juniper and 3 more | 50 Fedora, Bind, Junos and 47 more | 2024-09-16 | 6.8 Medium |
BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. | ||||
CVE-2017-3142 | 3 Debian, Isc, Redhat | 9 Debian Linux, Bind, Enterprise Linux and 6 more | 2024-09-16 | N/A |
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. | ||||
CVE-2019-6476 | 1 Isc | 1 Bind | 2024-09-16 | 5.9 Medium |
A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4. | ||||
CVE-2019-6477 | 3 Fedoraproject, Isc, Redhat | 3 Fedora, Bind, Enterprise Linux | 2024-09-16 | 7.5 High |
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem). | ||||
CVE-2020-8621 | 5 Canonical, Isc, Netapp and 2 more | 5 Ubuntu Linux, Bind, Steelstore Cloud Integrated Storage and 2 more | 2024-09-16 | 7.5 High |
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, if a server is configured with both QNAME minimization and 'forward first', then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected. | ||||
CVE-2017-3143 | 3 Debian, Isc, Redhat | 9 Debian Linux, Bind, Enterprise Linux and 6 more | 2024-09-16 | N/A |
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. | ||||
CVE-2000-1029 | 1 Isc | 1 Bind | 2024-08-08 | N/A |
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query. | ||||
CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2024-08-08 | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | ||||
CVE-2000-0887 | 1 Isc | 1 Bind | 2024-08-08 | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | ||||
CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2024-08-08 | N/A |
ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | ||||
CVE-2000-0472 | 1 Isc | 1 Inn | 2024-08-08 | N/A |
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | ||||
CVE-2000-0360 | 1 Isc | 1 Inn | 2024-08-08 | N/A |
Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | ||||
CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2024-08-08 | N/A |
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | ||||
CVE-2001-1442 | 1 Isc | 1 Inn | 2024-08-08 | N/A |
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument. | ||||
CVE-2001-0497 | 1 Isc | 1 Bind | 2024-08-08 | 7.8 High |
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | ||||
CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
CVE-2001-0010 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | ||||
CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2024-08-08 | N/A |
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. |