CVSS: 7.0EPSS: 4%CPEs: 59EXPL: 0CVE-2015-8705 – Gentoo Linux Security Advisory 201610-07
https://notcve.org/view.php?id=CVE-2015-8705
20 Jan 2016 — buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option. buffer.c en named en ISC BIND 9.10.x en versiones anteriores a 9.10.3-P3, cuando inicio de sesión depurado está habilitado, permite a atacantes remotos provocar una denegación de servicio (error de aserción REQUIRE y salida del dem... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 96%CPEs: 59EXPL: 0CVE-2015-8704 – bind: specific APL data could trigger an INSIST in apl_42.c
https://notcve.org/view.php?id=CVE-2015-8704
20 Jan 2016 — apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record. apl_42.c en ISC BIND 9.x en versiones anteriores a 9.9.8-P3, 9.9.x y 9.10.x en versiones anteriores a 9.10.3-P3 permite a usuarios remotos autenticados provocar una denegación de servicio (fallo de la afirmación INSIST y salida de demonio) a través de un registro Address Prefix ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 12%CPEs: 164EXPL: 0CVE-2015-8461 – Slackware Security Advisory - bind Updates
https://notcve.org/view.php?id=CVE-2015-8461
16 Dec 2015 — Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors. Condición de carrera en resolver.c en named en ISC BIND 9.9.8 en versiones anteriores a 9.9.8-P2 y 9.10.3 en versiones anteriores a 9.10.3-P2 permite a atacantes remotos causar una denegación de servicio (falla de aserción INSIST y salida del demonio) a través de vectores no especificados. ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 95%CPEs: 170EXPL: 0CVE-2015-8000 – bind: responses with a malformed class attribute can trigger an assertion failure in db.c
https://notcve.org/view.php?id=CVE-2015-8000
16 Dec 2015 — db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. db.c en named en ISC BIND 9.x en versiones anteriores a 9.9.8-P2 y 9.10.x en versiones anteriores a 9.10.3-P2 permite a atacantes remotos causar una denegación de servicio (falla de aserción REQUIRE y salida del demonio) a través de un atributo de clase mal formado. A denial of service flaw was found in the... • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174143.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 94%CPEs: 3EXPL: 0CVE-2015-5986 – Apple Security Advisory 2015-10-21-8
https://notcve.org/view.php?id=CVE-2015-5986
03 Sep 2015 — openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response. Openpgpkey_61.c en demonio named en ISC BIND 9.9.7 en versiones anteriores a 9.9.7-P3 y 9.10.x en versiones anteriores a 9.10.2-P4, permite a atacantes remotos causar una denegación de servicio (error en aserción REQUIRE y salida del demonio) a través de una respuesta DNS manipulada. New bind packag... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 96%CPEs: 3EXPL: 0CVE-2015-5722 – bind: malformed DNSSEC key failed assertion denial of service
https://notcve.org/view.php?id=CVE-2015-5722
02 Sep 2015 — buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. Vulnerabilidad en buffer.c en nombrado en ISC BIND 9.x en versiones anteriores a 9.9.7-P3 y 9.10.x en versiones anteriores a 9.10.2-P4, permite a atacantes remotos causar una denegación de servicio (error de aserción y salida del demonio) mediante... • http://lists.apple.com/archives/security-announce/2015/Oct/msg00009.html • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 11CVE-2015-5477 – ISC BIND 9 - TKEY Remote Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2015-5477
28 Jul 2015 — named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. Vulnerabilidad identificada en ISC BIND 9.x en versiones anteriores a 9.9.7-P2 y 9.10.x en versiones anteriores a 9.10.2-P3, permite a atacantes remotos causar una denegación de servicio (fallo en la comprobación de REQUIRE y salida del demonio) a través de consultas TKEY. A flaw was found in the way BIND handled requests for TKE... • https://packetstorm.news/files/id/180552 • CWE-19: Data Processing Errors CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 15%CPEs: 95EXPL: 0CVE-2015-4620 – bind: abort DoS caused by uninitialized value use in isselfsigned()
https://notcve.org/view.php?id=CVE-2015-4620
08 Jul 2015 — name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone. name.c en named en ISC BIND 9.7.x hasta 9.9.x anterior a 9.9.7-P1 y 9.10.x anterior a 9.10.2-P2, cuando configurado como solucionador recursivo con validación DNSSEC, permite ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162040.html • CWE-17: DEPRECATED: Code CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 6%CPEs: 92EXPL: 0CVE-2015-1349 – bind: issue in trust anchor management can cause named to crash
https://notcve.org/view.php?id=CVE-2015-1349
18 Feb 2015 — named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. named en ISC BIND 9.7.0 hasta 9.9.6 anterior a 9.9.6-P2 y 9.10.x anterior a 9.10.1-P2, cuando la característica de la validación DNSSEC y de las claves gestionadas ... • http://advisories.mageia.org/MGASA-2015-0082.html • CWE-391: Unchecked Error Condition CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-8680 – Gentoo Linux Security Advisory 201502-03
https://notcve.org/view.php?id=CVE-2014-8680
11 Dec 2014 — The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options. La funcionalidad GeoIP en ISC BIND 9.10.0 hasta 9.10.1 permite a atacantes remotos causar una denegación de servicio (fallo de aserción y salida nombrada) a través de vectores relacionados con (1) la falta de bases de datos GeoIP para IPv4 y IPv... • http://security.gentoo.org/glsa/glsa-201502-03.xml • CWE-20: Improper Input Validation CWE-284: Improper Access Control •