Page 4 of 19 results (0.004 seconds)

CVSS: 5.0EPSS: 6%CPEs: 21EXPL: 0

BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000546 http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://marc.info/?l=bugtraq&m=103713117612842&w=2 http://marc.info/?l=bugtraq&m=103763574715133&w=2 http://online.securityfocus.com/advisories/4999 http://online.securityfocus.com/archive/1/300019 http://www.cert.org/advisories/CA-2002-31.html http://www.ciac.org/ •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 http://xforce.iss.net/alerts/advise78.php https://exchange.xforce.ibmcloud.com/vulnerabilities/6694 • CWE-276: Incorrect Default Permissions •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. • http://www.cert.org/advisories/CA-2001-02.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2321 •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

Denial of service in BIND named via maxdname. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194 http://www.securityfocus.com/bid/788 •