Page 5 of 38 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 http://xforce.iss.net/alerts/advise78.php https://exchange.xforce.ibmcloud.com/vulnerabilities/6694 • CWE-276: Incorrect Default Permissions •

CVSS: 10.0EPSS: 18%CPEs: 10EXPL: 4

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. • https://www.exploit-db.com/exploits/277 https://www.exploit-db.com/exploits/282 https://www.exploit-db.com/exploits/279 https://www.exploit-db.com/exploits/280 http://www.cert.org/advisories/CA-2001-02.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2302 •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2307 •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. • http://www.cert.org/advisories/CA-2001-02.html http://www.debian.org/security/2001/dsa-026 http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2321 •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. • http://www.cert.org/advisories/CA-2001-02.html http://www.nai.com/research/covert/advisories/047.asp http://www.redhat.com/support/errata/RHSA-2001-007.html http://www.securityfocus.com/bid/2309 •