CVSS: 9.8EPSS: 6%CPEs: 2EXPL: 0CVE-2006-0527
https://notcve.org/view.php?id=CVE-2006-0527
02 Feb 2006 — BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. • http://attrition.org/pipermail/vim/2006-February/000551.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 32%CPEs: 2EXPL: 0CVE-2005-0033
https://notcve.org/view.php?id=CVE-2005-0033
29 Jan 2005 — Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2005-0034
https://notcve.org/view.php?id=CVE-2005-0034
29 Jan 2005 — An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 •
CVSS: 8.2EPSS: 15%CPEs: 58EXPL: 0CVE-2003-0914
https://notcve.org/view.php?id=CVE-2003-0914
02 Dec 2003 — ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. ISC BIND 8.3.x antes de 8.3.7, y 8.4.x antes de 8.4.3 permite a atacantes remotos envenenar la cache mediante un servidor de nombres malicioso que devuelve respuestas negativas con un valor TTL (time to live) largo. • ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt •
CVSS: 7.5EPSS: 2%CPEs: 31EXPL: 0CVE-2002-2211
https://notcve.org/view.php?id=CVE-2002-2211
31 Dec 2002 — BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html •
CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2002-2212
https://notcve.org/view.php?id=CVE-2002-2212
31 Dec 2002 — The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf •
CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2002-2213
https://notcve.org/view.php?id=CVE-2002-2213
31 Dec 2002 — The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf •
CVSS: 9.8EPSS: 7%CPEs: 24EXPL: 0CVE-2002-1219
https://notcve.org/view.php?id=CVE-2002-1219
29 Nov 2002 — Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Desbordamiento de búfer en BIND versiones 4 anteriores a 4.9.10, y versiones 8 anteriores a 8.3.3, permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta de servidor DNS conteniendo registros de recursos (RR) SIG. • ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P •
CVSS: 7.5EPSS: 19%CPEs: 11EXPL: 1CVE-2002-1220 – ISC BIND 8.3.x - OPT Record Large UDP Denial of Service
https://notcve.org/view.php?id=CVE-2002-1220
29 Nov 2002 — BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 •
CVSS: 7.5EPSS: 3%CPEs: 21EXPL: 0CVE-2002-1221
https://notcve.org/view.php?id=CVE-2002-1221
29 Nov 2002 — BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 •