CVSS: 6.8EPSS: 96%CPEs: 59EXPL: 0CVE-2015-8704 – bind: specific APL data could trigger an INSIST in apl_42.c
https://notcve.org/view.php?id=CVE-2015-8704
20 Jan 2016 — apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record. apl_42.c en ISC BIND 9.x en versiones anteriores a 9.9.8-P3, 9.9.x y 9.10.x en versiones anteriores a 9.10.3-P3 permite a usuarios remotos autenticados provocar una denegación de servicio (fallo de la afirmación INSIST y salida de demonio) a través de un registro Address Prefix ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 12%CPEs: 164EXPL: 0CVE-2015-8461 – Slackware Security Advisory - bind Updates
https://notcve.org/view.php?id=CVE-2015-8461
16 Dec 2015 — Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors. Condición de carrera en resolver.c en named en ISC BIND 9.9.8 en versiones anteriores a 9.9.8-P2 y 9.10.3 en versiones anteriores a 9.10.3-P2 permite a atacantes remotos causar una denegación de servicio (falla de aserción INSIST y salida del demonio) a través de vectores no especificados. ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 95%CPEs: 170EXPL: 0CVE-2015-8000 – bind: responses with a malformed class attribute can trigger an assertion failure in db.c
https://notcve.org/view.php?id=CVE-2015-8000
16 Dec 2015 — db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. db.c en named en ISC BIND 9.x en versiones anteriores a 9.9.8-P2 y 9.10.x en versiones anteriores a 9.10.3-P2 permite a atacantes remotos causar una denegación de servicio (falla de aserción REQUIRE y salida del demonio) a través de un atributo de clase mal formado. A denial of service flaw was found in the... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 94%CPEs: 3EXPL: 0CVE-2015-5986 – Apple Security Advisory 2015-10-21-8
https://notcve.org/view.php?id=CVE-2015-5986
03 Sep 2015 — openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. Openpgpkey_61.c en demonio named en ISC BIND 9.9.7 en versiones anteriores a 9.9.7-P3 y 9.10.x en versiones anteriores a 9.10.2-P4, permite a atacantes remotos causar una denegación de servicio (error en aserción REQUIRE y salida del demonio) a través de una respuesta DNS manipulada. New bind packag... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 96%CPEs: 3EXPL: 0CVE-2015-5722 – bind: malformed DNSSEC key failed assertion denial of service
https://notcve.org/view.php?id=CVE-2015-5722
02 Sep 2015 — buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. Vulnerabilidad en buffer.c en nombrado en ISC BIND 9.x en versiones anteriores a 9.9.7-P3 y 9.10.x en versiones anteriores a 9.10.2-P4, permite a atacantes remotos causar una denegación de servicio (error de aserción y salida del demonio) mediante... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 11CVE-2015-5477 – ISC BIND 9 - TKEY Remote Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2015-5477
28 Jul 2015 — named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. Vulnerabilidad identificada en ISC BIND 9.x en versiones anteriores a 9.9.7-P2 y 9.10.x en versiones anteriores a 9.10.2-P3, permite a atacantes remotos causar una denegación de servicio (fallo en la comprobación de REQUIRE y salida del demonio) a través de consultas TKEY. A flaw was found in the way BIND handled requests for TKE... • https://packetstorm.news/files/id/180552 • CWE-19: Data Processing Errors CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 72%CPEs: 63EXPL: 0CVE-2014-8500 – bind: delegation handling denial of service
https://notcve.org/view.php?id=CVE-2014-8500
09 Dec 2014 — ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. ISC BIND 9.0.x hasta 9.8.x, 9.9.0 hasta 9.9.6, y 9.10.0 hasta 9.10.1 no limita el encadenamiento de la delegación, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída del nombrado) a través de un número grande o i... • http://advisories.mageia.org/MGASA-2014-0524.html • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 10%CPEs: 278EXPL: 0CVE-2012-5166 – bind: Specially crafted DNS data can cause a lockup in named
https://notcve.org/view.php?id=CVE-2012-5166
10 Oct 2012 — ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. ISC BIND v9.x antes de v9.7.6-P4, v9.8.x antes de v9.8.3-P4, v9.9.x antes de v9.9.1-P4, y v9.4-ESV y 9.6-ESV antes de v9.6-ESV-R7-P, permite a atacantes remotos provocar una denegación de servicio a través de combinaciones no especificadas de registros de recursos. Po... • http://aix.software.ibm.com/aix/efixes/security/bind9_advisory5.asc • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 33%CPEs: 278EXPL: 0CVE-2012-4244 – bind: specially crafted resource record causes named to exit
https://notcve.org/view.php?id=CVE-2012-4244
14 Sep 2012 — ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. ISC BIND v9.x antes de v9.7.6-P3, v9.8.x antes de v9.8.3-P3, v9.9.x antes de v9.9.1-P3, y v9.4-ESV y v9.6-ESV antes de v9.6-ESV-R7-P3 permite provocar una denegación de servicio (error de aserción y salida de demonio) a atacantes remotos a través de una co... • http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html •
CVSS: 8.5EPSS: 90%CPEs: 256EXPL: 0CVE-2012-1667 – bind: handling of zero length rdata can cause named to terminate unexpectedly
https://notcve.org/view.php?id=CVE-2012-1667
05 Jun 2012 — ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. ISC BIND v9.x antes de v9.7.6-P1, v9.8.x antes de v9.8.3-P1, v9.9.x antes de v9.9.1-P1, y v9.4-ESV antes de 9.6-ESV-R7-P1 no gestionan adecuadamen... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html • CWE-189: Numeric Errors •