Page 4 of 20 results (0.005 seconds)

CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0

The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 http://xforce.iss.net/alerts/advise78.php https://exchange.xforce.ibmcloud.com/vulnerabilities/6694 • CWE-276: Incorrect Default Permissions •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 3

named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. • https://www.exploit-db.com/exploits/19072 http://www.securityfocus.com/archive/1/8966 http://www.securityfocus.com/bid/80 •

CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. • ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083 •

CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 0

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. • ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083 •