Page 22 of 137 results (0.007 seconds)

CVSS: 4.3EPSS: 3%CPEs: 1EXPL: 0

An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 http://securitytracker.com/id?1012995 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.isc.org/index.pl?/sw/bind/bind9.php http://www.kb.cert.org/vuls/id/938617 http://www.securityfocus.com/bid/12365 http://www.trustix.org/errata/2005/0003 http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19062 •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt http://secunia.com/advisories/14009 http://secunia.com/advisories/18291 http://securitytracker.com/id?1012996 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.isc.org/index.pl?/sw/bind/bind8.php http://www.kb.cert.org/vuls/id/327633 http://www.securityfocus.com/bid/12364 http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html https://exchange.xforce.ibmcloud •

CVSS: 4.3EPSS: 2%CPEs: 58EXPL: 0

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository& •

CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0

The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html •

CVSS: 5.0EPSS: 1%CPEs: 31EXPL: 0

BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/IAFY-5FDT4U http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html http://www.securityfocus.com/archive/1/434523/100/0/threaded •