CVSS: 7.5EPSS: 19%CPEs: 11EXPL: 1CVE-2002-1220 – ISC BIND 8.3.x - OPT Record Large UDP Denial of Service
https://notcve.org/view.php?id=CVE-2002-1220
29 Nov 2002 — BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 •
CVSS: 7.5EPSS: 3%CPEs: 21EXPL: 0CVE-2002-1221
https://notcve.org/view.php?id=CVE-2002-1221
29 Nov 2002 — BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 •
CVSS: 9.8EPSS: 26%CPEs: 18EXPL: 0CVE-2002-0029
https://notcve.org/view.php?id=CVE-2002-0029
21 Nov 2002 — Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. Desbordamientos de búfer en la libreria de resolución de raíz DNS en ISC BIND 4.9.2 a 4.9.10, y otras librerías derivadas como BSD... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2002-0684
https://notcve.org/view.php?id=CVE-2002-0684
31 Jul 2002 — Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. Desbordamiento de búfer en las funciones de resolución de DNS que buscan nombres de red y direcciones, como en BIND 4.9.8 y glibc 2.2.5 y anteriores, permiten que servidores DNS remotos ejecuten código arbitrario por ... • http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0497
https://notcve.org/view.php?id=CVE-2001-0497
21 Jul 2001 — dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 • CWE-276: Incorrect Default Permissions •
CVSS: 10.0EPSS: 57%CPEs: 10EXPL: 4CVE-2001-0010 – ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow
https://notcve.org/view.php?id=CVE-2001-0010
12 Feb 2001 — Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. • https://www.exploit-db.com/exploits/277 •
CVSS: 10.0EPSS: 7%CPEs: 5EXPL: 0CVE-2001-0011
https://notcve.org/view.php?id=CVE-2001-0011
12 Feb 2001 — Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html •
CVSS: 7.5EPSS: 20%CPEs: 15EXPL: 0CVE-2001-0012
https://notcve.org/view.php?id=CVE-2001-0012
12 Feb 2001 — BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. • http://www.cert.org/advisories/CA-2001-02.html •
CVSS: 10.0EPSS: 9%CPEs: 5EXPL: 0CVE-2001-0013
https://notcve.org/view.php?id=CVE-2001-0013
12 Feb 2001 — Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html •
CVSS: 7.5EPSS: 17%CPEs: 1EXPL: 2CVE-2000-0887 – ISC BIND 8.2.2-P5 - Denial of Service
https://notcve.org/view.php?id=CVE-2000-0887
19 Dec 2000 — named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." • https://www.exploit-db.com/exploits/20388 •