Page 19 of 146 results (0.015 seconds)

CVSS: 4.3EPSS: 7%CPEs: 1EXPL: 0

ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query. ISC BIND antes de su versión v9.7.2-P2, cuando la validación DNSSEC está habilitada, no controla correctamente ciertas firmas incorrectas si existen múltiples puntos confianza para una sola zona, lo que permite a atacantes remotos provocar una denegación de servicio (bloqueo del demonio) a través de una consulta DNS. • http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://support.avaya.com/css/P8/documents/100124923 http://www.debian.org/security/2010/dsa-2130 http://www.mandriva.com/security/advisories?name=MDVSA-2010:253 http://www.redhat.com/support/errata/RHSA-2010-0976.html http://www.securityfocus.com/archive/1/516909/100/0/threaded http://www.securityfocus.com/bid/45385 http:/ • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query. ISC BIND v9.7.2 a v9.7.2-P1 utiliza una ACL incorrecta para restringir la capacidad de las queries de Recursividad Deseada (RD) de acceder a la caché, lo que permite obtener información sensible a atacantes remotos a través de una consulta DNS. • http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html http://www.kb.cert.org/vuls/id/784855 https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.6EPSS: 4%CPEs: 2EXPL: 0

BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers. BIND v9.7.1 y v9.7.1-P1, cuando un servidor de validación recursivo tiene un identificador de confianza que es configurado estáticamente o a través de DNSSEC Lookaside Validation (DLV), permite a atacantse causar una denegación de servicio (bucle infinito) a través de una petición para un registro RRSIG cuya respuesta no está en la caché, lo que causa en BIND el envío repetivamente de peticiones RRSI a los servidores de autorización. • http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044445.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html http://secunia.com/advisories/40652 http://secunia.com/advisories/40709 http://www.isc.org/software/bind/advisories/cve-2010-0213 http://www.kb.cert.org/vuls/id/211905 http://www.securityfocus.com/bid/41730 http://www.securitytracker.com/id?1024217 http://www.vupen.com/english/advisories/2010/1884 • CWE-19: Data Processing Errors •

CVSS: 7.6EPSS: 4%CPEs: 168EXPL: 0

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022. ISC BIND 9.0.x a 9.3.x, 9.4 en versiones anteriores a la 9.4.3-P5, 9.5 en versiones anteriores a la 9.5.2-P2, 9.6 en versiones anteriores a la 9.6.1-P3, y 9.7.0 beta maneja de manera inapropiada los datos de acompañamiento de una respuesta segura sin volver a consultar a la fuente original, lo que permite a atacantes remotos tener un impacto no especificado mediante una respuesta manipulada, también conocido como Bug 20819. NOTA: esta vulnerabilidad existe debido a una regresión durante la solución de CVE-2009-4022. • http://secunia.com/advisories/40086 http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 http://www.debian.org/security/2010/dsa-2054 http://www.vupen.com/english/advisories/2010/0622 http://www.vupen.com/english/advisories/2010/1352 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11753 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval •

CVSS: 4.3EPSS: 1%CPEs: 189EXPL: 0

ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain. ISC BIND 9.0.x a 9.3.x, 9.4 en versiones anteriores a la 9.4.3-P5, 9.5 en versiones anteriores a la 9.5.2-P2, 9.6 en versiones anteriores a la 9.6.1-P3, y9.7.0 beta, no valida de manera apropiada los registros DNSSEC (1) NSEC y (2) NSEC3, lo que permite a atacantes remotos añadir el flag (bandera) Authenticated Data (AD) a una respuesta NXDOMAIN falsificada para un dominio existente. • ftp://ftp.sco.com/pub/unixware7/714/security/p535243_uw7/p535243b.txt http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034196.html http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034202.html http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://marc.info/?l=bugtraq&m=127195582210247&w=2 http://secunia.com/advisories/38169 http://secunia.com/adv • CWE-20: Improper Input Validation •