CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2002-2212
https://notcve.org/view.php?id=CVE-2002-2212
31 Dec 2002 — The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf •
CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2002-2213
https://notcve.org/view.php?id=CVE-2002-2213
31 Dec 2002 — The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf •
CVSS: 9.8EPSS: 7%CPEs: 24EXPL: 0CVE-2002-1219
https://notcve.org/view.php?id=CVE-2002-1219
29 Nov 2002 — Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). Desbordamiento de búfer en BIND versiones 4 anteriores a 4.9.10, y versiones 8 anteriores a 8.3.3, permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta de servidor DNS conteniendo registros de recursos (RR) SIG. • ftp://patches.sgi.com/support/free/security/advisories/20021201-01-P •
CVSS: 7.5EPSS: 19%CPEs: 11EXPL: 1CVE-2002-1220 – ISC BIND 8.3.x - OPT Record Large UDP Denial of Service
https://notcve.org/view.php?id=CVE-2002-1220
29 Nov 2002 — BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 •
CVSS: 7.5EPSS: 3%CPEs: 21EXPL: 0CVE-2002-1221
https://notcve.org/view.php?id=CVE-2002-1221
29 Nov 2002 — BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. BIND 8.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (caída) mediante elementos registro de recurso (RR) SIG con fecha de expiració inválida, que son eliminados de la la base de datos interna de BIND y luego causan una desreferencia a nulo. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 •
CVSS: 9.8EPSS: 26%CPEs: 18EXPL: 0CVE-2002-0029
https://notcve.org/view.php?id=CVE-2002-0029
21 Nov 2002 — Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. Desbordamientos de búfer en la libreria de resolución de raíz DNS en ISC BIND 4.9.2 a 4.9.10, y otras librerías derivadas como BSD... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-028.txt.asc •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 0CVE-2002-0684
https://notcve.org/view.php?id=CVE-2002-0684
31 Jul 2002 — Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. Desbordamiento de búfer en las funciones de resolución de DNS que buscan nombres de red y direcciones, como en BIND 4.9.8 y glibc 2.2.5 y anteriores, permiten que servidores DNS remotos ejecuten código arbitrario por ... • http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507 •
CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 0CVE-2002-0651
https://notcve.org/view.php?id=CVE-2002-0651
03 Jul 2002 — Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. • ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA2002-006.txt.asc •
CVSS: 7.5EPSS: 27%CPEs: 6EXPL: 0CVE-2002-0400
https://notcve.org/view.php?id=CVE-2002-0400
18 Jun 2002 — ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.24.1/CSSA-2002-SCO.24.1.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0497
https://notcve.org/view.php?id=CVE-2001-0497
21 Jul 2001 — dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. • http://www.osvdb.org/5609 • CWE-276: Incorrect Default Permissions •