Page 14 of 99 results (0.008 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2006-0987 – DNS Amplification Scanner

https://notcve.org/view.php?id=CVE-2006-0987

The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • http://dns.measurement-factory.com/surveys/sum1.html http://kb.isc.org/article/AA-00269 http://www.securityfocus.com/archive/1/426368/100/0/threaded http://www.us-cert.gov/reading_room/DNS-recursion121605.pdf - •

CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 0

CVE-2006-0527

https://notcve.org/view.php?id=CVE-2006-0527

BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. • http://attrition.org/pipermail/vim/2006-February/000551.html http://computerworld.com/networkingtopics/networking/story/0%2C10801%2C103744%2C00.html http://secunia.com/advisories/18690 http://securityreason.com/securityalert/438 http://securityreason.com/securityalert/748 http://securitytracker.com/id?1015551 http://securitytracker.com/id?1015606 http://www.osvdb.org/22888 http://www.securityfocus.com/archive/1/425083/100/0/threaded http://www.securityfocus.com/bid/16455 http://www.vupen& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 3%CPEs: 1EXPL: 0

CVE-2005-0034

https://notcve.org/view.php?id=CVE-2005-0034

An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 http://securitytracker.com/id?1012995 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.isc.org/index.pl?/sw/bind/bind9.php http://www.kb.cert.org/vuls/id/938617 http://www.securityfocus.com/bid/12365 http://www.trustix.org/errata/2005/0003 http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19062 •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

CVE-2005-0033

https://notcve.org/view.php?id=CVE-2005-0033

Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt http://secunia.com/advisories/14009 http://secunia.com/advisories/18291 http://securitytracker.com/id?1012996 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.isc.org/index.pl?/sw/bind/bind8.php http://www.kb.cert.org/vuls/id/327633 http://www.securityfocus.com/bid/12364 http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html https://exchange.xforce.ibmcloud •

CVSS: 4.3EPSS: 2%CPEs: 58EXPL: 0

CVE-2003-0914

https://notcve.org/view.php?id=CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository& •