Page 23 of 118 results (0.029 seconds)

CVSS: 7.5EPSS: 7%CPEs: 9EXPL: 0

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de ciertas consultas SIG, lo cual provoca una falta de aserción cuando múltiples RRsets se devuelven. • http://docs.info.apple.com/article.html?artnum=305530 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://secunia.com/advisories/21752 http://secunia.com/advisories/21786 http://secunia.com/advisories/21816 http://secunia.com/advisories/21818 http://secunia.com/advisories/21828 http://secunia.com/advisories/21835 http://secunia.com/advisories/21838 http://secunia.com/advisories/21912 http://secunia.com/advisories/21926 http://secunia.com/advisories&#x • CWE-617: Reachable Assertion •

CVSS: 5.0EPSS: 8%CPEs: 13EXPL: 0

Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. • http://secunia.com/advisories/19808 http://securitytracker.com/id?1015993 http://www.kb.cert.org/vuls/id/955777 http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en http://www.securityfocus.com/bid/17692 http://www.vupen.com/english/advisories/2006/1505 http://www.vupen.com/english/advisories/2006/1537 https://exchange.xforce.ibmcloud.com/vulnerabilities/26081 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • http://dns.measurement-factory.com/surveys/sum1.html http://kb.isc.org/article/AA-00269 http://www.securityfocus.com/archive/1/426368/100/0/threaded http://www.us-cert.gov/reading_room/DNS-recursion121605.pdf - •

CVSS: 4.3EPSS: 3%CPEs: 1EXPL: 0

An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 http://securitytracker.com/id?1012995 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.isc.org/index.pl?/sw/bind/bind9.php http://www.kb.cert.org/vuls/id/938617 http://www.securityfocus.com/bid/12365 http://www.trustix.org/errata/2005/0003 http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19062 •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. • ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA2002-006.txt.asc ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.39 ftp://ftp.caldera.com/pub/updates/UnixWare/CSSA-2002-SCO.37 ftp://patches.sgi.com/support/free/security/advisories/20020701-01-I http://archives.neohapsis.com/archives/aix/2002-q3/0001.html http://archives.neohapsis.com/archives/linux/engarde/2002-q3/0002.html http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0000.html http://di •