CVSS: 6.8EPSS: 2%CPEs: 97EXPL: 0CVE-2009-0025 – bind: DSA_do_verify() returns check issue
https://notcve.org/view.php?id=CVE-2009-0025
07 Jan 2009 — BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3 y versiones anteriores no comprueba adecuadamente el valor de retorno de la función OpenSSL DSA_verify, lo que permite a atacantes remotos eludir la validación de la cadena del certificado a través de un... • http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 47%CPEs: 3EXPL: 0CVE-2008-4163
https://notcve.org/view.php?id=CVE-2008-4163
22 Sep 2008 — Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. Vulnerabilidad sin especificar en ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, y 9.5.0-P2-W1 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída del manejador cliente UDP) a través de vectores desconocidos. • http://marc.info/?l=bind-announce&m=122180244228376&w=2 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 24%CPEs: 35EXPL: 3CVE-2008-1447 – BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2008-1447
08 Jul 2008 — The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." El... • https://www.exploit-db.com/exploits/6122 • CWE-331: Insufficient Entropy •
CVSS: 10.0EPSS: 21%CPEs: 43EXPL: 0CVE-2008-0122 – libbind off-by-one buffer overflow
https://notcve.org/view.php?id=CVE-2008-0122
16 Jan 2008 — Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. Error por un paso en la función inet_network en libbind en ISC BIND 9.4.2 y versiones anteriores, como se utiliza en libc en FreeBSD 6.2 hasta la versión 7.0-PRERELEASE, permite a atacantes dependientes del con... • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html • CWE-189: Numeric Errors CWE-193: Off-by-one Error •
CVSS: 5.8EPSS: 1%CPEs: 3EXPL: 0CVE-2007-2925
https://notcve.org/view.php?id=CVE-2007-2925
24 Jul 2007 — The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache. La lista de control de acceso por defecto (ACL) en ISC BIND 9.4.0, 9.4.1, y 9.5.0a1 hasta 9.5.0a5 no asigna las ACLs allow-recursion y allow-query-cache, lo cual permite a atacantes remotos realizar consultas recursivas y consultar la cache. • http://secunia.com/advisories/26227 •
CVSS: 7.5EPSS: 61%CPEs: 7EXPL: 1CVE-2007-2926 – BIND 9 0.3beta - DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2007-2926
24 Jul 2007 — ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning. ISC BIND 9 hasta 9.5.0a5 utiliza un número aleatorio debil a lo largo de la generación de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace má... • https://www.exploit-db.com/exploits/4266 •
CVSS: 7.5EPSS: 29%CPEs: 2EXPL: 0CVE-2007-2241
https://notcve.org/view.php?id=CVE-2007-2241
02 May 2007 — Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. Vulnerabilidad sin especificar en el query.c del ISC BIND 9.4.0 y del 9.5.0a1 hasta la 9.5.0a3, cuando la recursividad está activada, permite a atacantes remotos provocar una denegación de servicio (salida del demonio) a través de una secuencia de sentencias procesad... • http://osvdb.org/34748 •
CVSS: 7.5EPSS: 95%CPEs: 92EXPL: 0CVE-2007-0494 – BIND dnssec denial of service
https://notcve.org/view.php?id=CVE-2007-0494
25 Jan 2007 — ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability. ISC BIND 9.0.x, 9.1.x, 9.2.0 hasta la versión 9.2.7, 9.3.0 hasta la versión 9.3.3, 9.4.0a1 hasta la versión 9.4.0a6, 9.4.0b1 hasta la versión 9.4.0b4, 9.4.0rc... • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 38%CPEs: 6EXPL: 0CVE-2007-0493 – bind use-after-free
https://notcve.org/view.php?id=CVE-2007-0493
25 Jan 2007 — Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." Vulnerabilidad "usar después de liberar" en ISC BIND 9.3.0 hasta 9.3.3, 9.4.0a1 hasta 9.4.0a6, 9.4.0b1 hasta 9.4.0b4, 9.4.0rc1, y 9.5.0a1 (Bind Forum only) permite a atacantes remotos provocar una denegación de ... • http://docs.info.apple.com/article.html?artnum=305530 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 9%CPEs: 9EXPL: 0CVE-2006-4095
https://notcve.org/view.php?id=CVE-2006-4095
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de ciertas consultas SIG, lo cual provoca una falta de aserción cuando múltiples RRsets se devuelven. • http://docs.info.apple.com/article.html?artnum=305530 • CWE-617: Reachable Assertion •