Page 4 of 27 results (0.007 seconds)

CVSS: 7.5EPSS: 15%CPEs: 24EXPL: 0

CVE-2002-1219

https://notcve.org/view.php?id=CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Desbordamiento de búfer en BIND versiones 4 anteriores a 4.9.10, y versiones 8 anteriores a 8.3.3, permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta de servidor DNS conteniendo registros de recursos (RR) SIG. • ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000546 http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://marc.info/?l=bugtraq&m=103713117612842&w=2 http://marc.info/?l=bugtraq&m=103763574715133&w=2 http://online.securityfocus.com/advisories/4999 http://online.securityfocus.com/archive/1/300019 http: •

CVSS: 7.5EPSS: 93%CPEs: 18EXPL: 0

CVE-2002-0029

https://notcve.org/view.php?id=CVE-2002-0029

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. Desbordamientos de búfer en la libreria de resolución de raíz DNS en ISC BIND 4.9.2 a 4.9.10, y otras librerías derivadas como BSD libc y GNU libc, permite a atacantes remotos ejecutar código arbitrario mediante respuestas de servidor DNS que disparan el desbordamiento en las funciones getnetbyname() y getnetbyaddr(). También conocidad como "LIBRESOLV:desbordamiento de búfer. Es una vulnerabilidad distinta de CAN-2002-0684. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://www.cert.org/advisories/CA-2002-31.html http://www.isc.org/products/BIND/bind-security.html http://www.iss.net/security_center/static/10624.php http://www.kb.cert.org/vuls/id/844360 http://www.securityfocus.com/bid/6186 https://access.redhat&# •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2001-0497

https://notcve.org/view.php?id=CVE-2001-0497

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 http://xforce.iss.net/alerts/advise78.php https://exchange.xforce.ibmcloud.com/vulnerabilities/6694 • CWE-276: Incorrect Default Permissions •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2001-0013

https://notcve.org/view.php?id=CVE-2001-0013

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2309 •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2001-0011

https://notcve.org/view.php?id=CVE-2001-0011

Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2307 •