CVSS: 7.5EPSS: 17%CPEs: 11EXPL: 0CVE-2006-4096 – HP Security Bulletin HPSBOV03226 1
https://notcve.org/view.php?id=CVE-2006-4096
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de una inundación de preguntas recurrentes, que causan una fallo de INSIST cuando se recibe la respuesta después de que la cola recursiva esté ... • http://docs.info.apple.com/article.html?artnum=305530 •
CVSS: 7.5EPSS: 12%CPEs: 13EXPL: 0CVE-2006-2073
https://notcve.org/view.php?id=CVE-2006-2073
27 Apr 2006 — Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. • http://secunia.com/advisories/19808 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2006-0987 – DNS Amplification Scanner
https://notcve.org/view.php?id=CVE-2006-0987
03 Mar 2006 — The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • https://packetstorm.news/files/id/181220 •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 0CVE-2005-0034
https://notcve.org/view.php?id=CVE-2005-0034
29 Jan 2005 — An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2002-0651
https://notcve.org/view.php?id=CVE-2002-0651
03 Jul 2002 — Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. • ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA2002-006.txt.asc •
CVSS: 7.5EPSS: 6%CPEs: 6EXPL: 0CVE-2002-0400
https://notcve.org/view.php?id=CVE-2002-0400
18 Jun 2002 — ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.24.1/CSSA-2002-SCO.24.1.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0497
https://notcve.org/view.php?id=CVE-2001-0497
21 Jul 2001 — dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 • CWE-276: Incorrect Default Permissions •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-0184
https://notcve.org/view.php?id=CVE-1999-0184
01 Jul 1997 — When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0184 •