CVE-2011-4313 – bind: Remote denial of service against recursive servers via logging negative cache entry
https://notcve.org/view.php?id=CVE-2011-4313
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
• http://blogs.oracle.com/sunsecurity/entry/cve_2011_4313_denial_of
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069463.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069970.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069975.html
• http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00027.html
• http://lists.opensuse.org/opensuse-security-announce
CVE-2011-2465
https://notcve.org/view.php?id=CVE-2011-2465
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
• http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html
• http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html
• http://osvdb.org/73604
• http://secunia.com/advisories/45185
• http://www.isc.org/software/bind/advisories/cve-2011-2465
• http://www.kb.cert.org/vuls/id/137968
• http://www.securityfocus.com/archive/1/518750/100/0/threaded
• http://www.securityfocus.com/bid/48565
• http://www.securitytracker.com/id?1025743
• https://exchange.xforce.ib
CVE-2011-2464 – bind: Specially constructed packet will cause named to exit
https://notcve.org/view.php?id=CVE-2011-2464
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
• http://blogs.oracle.com/sunsecurity/entry/cve_2011_2464_remote_denial
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062522.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062846.html
• http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00004.html
• http://lists.opensuse.org/opensuse-security-announce/20
CVE-2011-1910 – bind: Large RRSIG RRsets and Negative Caching can crash named
https://notcve.org/view.php?id=CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061082.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.html
• http://marc.info/?l=bugtraq&m=142180687100892&w=2
• http://osvdb.org/72540
• http://secunia.com/advisories/44677
• http://secunia.com/advisories/44719
• http://secunia.com/advisories/447
• CWE-189: Numeric Errors
CVE-2011-1907
https://notcve.org/view.php?id=CVE-2011-1907
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
• http://secunia.com/advisories/44416
• http://www.securityfocus.com/archive/1/517900/100/0/threaded
• http://www.securityfocus.com/bid/47734
• http://www.securitytracker.com/id?1025503
• http://www.vupen.com/english/advisories/2011/1183
• https://exchange.xforce.ibmcloud.com/vulnerabilities/67297
• https://www.isc.org/CVE-2011-1907
• CWE-399: Resource Management Errors