CVE-2015-4620 – bind: abort DoS caused by uninitialized value use in isselfsigned()
https://notcve.org/view.php?id=CVE-2015-4620
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone. name.c en named en ISC BIND 9.7.x hasta 9.9.x anterior a 9.9.7-P1 y 9.10.x anterior a 9.10.2-P2, cuando configurado como solucionador recursivo con validación DNSSEC, permite a atacantes remotos causar una denegación de servicio (fallo de aserción REQUIRE y salida de demonio) mediante la construcción de datos de zona manipulados y posteriormente la realización de una consulta de un nombre en esta zona. A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. • http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162040.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162286.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html http://marc.info/?l=bugtraq&m=143740940810833&w=2 http://rhn.redhat.com/errata/RHSA-2015-1443.html http://rhn.redhat.com& • CWE-17: DEPRECATED: Code CWE-617: Reachable Assertion •
CVE-2015-1349 – bind: issue in trust anchor management can cause named to crash
https://notcve.org/view.php?id=CVE-2015-1349
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. named en ISC BIND 9.7.0 hasta 9.9.6 anterior a 9.9.6-P2 y 9.10.x anterior a 9.10.1-P2, cuando la característica de la validación DNSSEC y de las claves gestionadas está habilitada, permite a atacantes remotos causar una denegación de servicio (fallo de aserción y salida del demonio, o caída del demonio) mediante la provocación de un escenario de gestión de identificadores de confianza (trust-anchor) incorrecto en que no haya clave lista para su uso. A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. • http://advisories.mageia.org/MGASA-2015-0082.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150904.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150905.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00038.html http:/ • CWE-391: Unchecked Error Condition CWE-399: Resource Management Errors •
CVE-2014-8500 – bind: delegation handling denial of service
https://notcve.org/view.php?id=CVE-2014-8500
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. ISC BIND 9.0.x hasta 9.8.x, 9.9.0 hasta 9.9.6, y 9.10.0 hasta 9.10.1 no limita el encadenamiento de la delegación, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída del nombrado) a través de un número grande o infinito de referencias. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. • http://advisories.mageia.org/MGASA-2014-0524.html http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10676 http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00017.html http://lists • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2014-0591 – bind: named crash when handling malformed NSEC3-signed zones
https://notcve.org/view.php?id=CVE-2014-0591
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature. La función query_findclosestnsec3 en query.c de ISC BIND 9.6, 9.7, y 9.8 anterior a la versión 9.8.6-P2 y 9.9 anterior a 9.9.4-P2, y 9.6-ESV anterior a la versión 9.6-ESV-R10-02, permite a atacantes remotos provocar una denegación de servicio (salida del demonio y fallo de aserción INSIST) a través de una consulta hacia un servidor de nombres autoritativo que use la característica de firma NSEC3. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. • http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://linux.oracle.com/errata/ELSA-2014-1244 http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126761.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126772.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00009.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00016.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00019.html http://marc.info/& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-6230
https://notcve.org/view.php?id=CVE-2013-6230
The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask. El API Winsock WSAloctl en Microsoft Windows Server 2008, utilizado en ISC BIND 9.6-ESV (anterior a 9.6-ESV-R10-P1), 9.8 (anterior a 9.8.6-P1), 9.9 (anterior a 9.9.4-P1, 9.9.3-S1, 9.9.4-S1), y otros productos, no soportan apropiadamente el comando SIO_GET_INTERFACE_LIST para la máscara de red 255.255.255.255, lo que permite a atacantes remotos sorterar restricciones de dirección IP aprovechando la reinterpretación de esta máscara como 0.0.0.0 • http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.518391 https://kb.isc.org/article/AA-01062 https://kb.isc.org/article/AA-01063 • CWE-264: Permissions, Privileges, and Access Controls •