CVSS: 7.5EPSS: 58%CPEs: 45EXPL: 0CVE-2016-9131 – bind: assertion failure while processing response to an ANY query
https://notcve.org/view.php?id=CVE-2016-9131
12 Jan 2017 — named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P5, 9.10.x en versiones anteriores a 9.10.4-P5 y 9.11.x en versiones anteriores a 9.11.0-P2 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una respuesta mal for... • http://rhn.redhat.com/errata/RHSA-2017-0062.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 48%CPEs: 57EXPL: 0CVE-2016-8864 – bind: assertion failure while handling responses containing a DNAME answer
https://notcve.org/view.php?id=CVE-2016-8864
01 Nov 2016 — named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P4, 9.10.x en versiones anteriores a 9.10.4-P4 y 9.11.x en versiones anteriores a 9.11.0-P1 permite a atacantes remotos provocar una denegación de servicio (fallo de as... • http://rhn.redhat.com/errata/RHSA-2016-2141.html • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 51%CPEs: 264EXPL: 0CVE-2016-2848 – bind: assertion failure triggered by a packet with malformed options
https://notcve.org/view.php?id=CVE-2016-2848
21 Oct 2016 — ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record. ISC BIND 9.1.0 hasta la versión 9.8.4-P2 y 9.9.0 hasta la versión 9.9.2-P2 permite a atacantes remotos provocar una denegación de servicio (error de aserción y salida del demonio) a través de datos de opciones mal formadas en un registro de recursos OPT. A denial of service flaw was found in the way BIND hand... • http://rhn.redhat.com/errata/RHSA-2016-2093.html • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 90%CPEs: 49EXPL: 4CVE-2016-2776 – ISC BIND 9 - Denial of Service
https://notcve.org/view.php?id=CVE-2016-2776
28 Sep 2016 — buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. buffer.c en named en ISC BIND 9 en versiones anteriores a 9.9.9-P3, 9.10.x en versiones anteriores a 9.10.4-P3 y 9.11.x en versiones anteriores a 9.11.0rc3 no construye respuestas adecuadamente, lo que permite a atacantes remotos provocar una denegación d... • https://packetstorm.news/files/id/180551 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 5.9EPSS: 29%CPEs: 42EXPL: 0CVE-2016-2775 – bind: Too long query name causes segmentation fault in lwresd
https://notcve.org/view.php?id=CVE-2016-2775
19 Jul 2016 — ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. ISC BIND 9.x en versiones anteriores a 9.9.9-P2, 9.10.x en versiones anteriores a 9.10.4-P2 y 9.11.x en versiones anteriores a 9.11.0b2, cuando lwresd o la opción nombrada lwres está habilitada, permite a atacantes remotos provocar una denegación ... • http://www.securityfocus.com/bid/92037 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 15EXPL: 1CVE-2016-6170 – Ubuntu Security Notice USN-5747-1
https://notcve.org/view.php?id=CVE-2016-6170
06 Jul 2016 — ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message. ISC BIND hasta la versión 9.9.9-P1, 9.10.x hasta la versión 9.10.4-P1 y 9.11.x hasta la v... • http://www.openwall.com/lists/oss-security/2016/07/06/3 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 71%CPEs: 228EXPL: 0CVE-2016-1286 – bind: malformed signature records for DNAME records can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1286
09 Mar 2016 — named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro de firma manipulado para un registro DNAME, ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html • CWE-617: Reachable Assertion •
CVSS: 6.8EPSS: 57%CPEs: 29EXPL: 0CVE-2016-2088 – Gentoo Linux Security Advisory 201610-07
https://notcve.org/view.php?id=CVE-2016-2088
09 Mar 2016 — resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option. resolver.c en named en ISC BIND 9.10.x en versiones anteriores a 9.10.3-P4, cuando las cookies DNS están habilitadas, permite a atacantes remotos provocar una denegación de servicio (fallo de aserción INSIST y salida de demonio) a través de un paquete mal formado con más ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 68%CPEs: 228EXPL: 0CVE-2016-1285 – bind: malformed packet sent to rndc can trigger assertion failure
https://notcve.org/view.php?id=CVE-2016-1285
09 Mar 2016 — named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. named en ISC BIND 9.x en versiones anteriores a 9.9.8-P4 y 9.10.x en versiones anteriores a 9.10.3-P4 no maneja adecuadamente los archivos DNAME cuando analiza gramaticalmente l... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html • CWE-617: Reachable Assertion •
CVSS: 5.9EPSS: 9%CPEs: 4EXPL: 0CVE-2016-1284
https://notcve.org/view.php?id=CVE-2016-1284
04 Feb 2016 — rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query. rdataset.c en ISC BIND 9 Supported Preview Edition 9.9.8-S en versiones anteriores a 9.9.8-S5, cuando la redirección nxdomain está habilitada, permite a atacantes remotos causar una denegación de servicio (error de aserción REQUIRE y salida de demonio) a través de val... • http://www.securitytracker.com/id/1034935 • CWE-20: Improper Input Validation •