CVSS: 5.8EPSS: 1%CPEs: 3EXPL: 0CVE-2007-2925
https://notcve.org/view.php?id=CVE-2007-2925
24 Jul 2007 — The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache. La lista de control de acceso por defecto (ACL) en ISC BIND 9.4.0, 9.4.1, y 9.5.0a1 hasta 9.5.0a5 no asigna las ACLs allow-recursion y allow-query-cache, lo cual permite a atacantes remotos realizar consultas recursivas y consultar la cache. • http://secunia.com/advisories/26227 •
CVSS: 7.5EPSS: 61%CPEs: 7EXPL: 1CVE-2007-2926 – BIND 9 0.3beta - DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2007-2926
24 Jul 2007 — ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning. ISC BIND 9 hasta 9.5.0a5 utiliza un número aleatorio debil a lo largo de la generación de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace má... • https://www.exploit-db.com/exploits/4266 •
CVSS: 7.5EPSS: 29%CPEs: 2EXPL: 0CVE-2007-2241
https://notcve.org/view.php?id=CVE-2007-2241
02 May 2007 — Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. Vulnerabilidad sin especificar en el query.c del ISC BIND 9.4.0 y del 9.5.0a1 hasta la 9.5.0a3, cuando la recursividad está activada, permite a atacantes remotos provocar una denegación de servicio (salida del demonio) a través de una secuencia de sentencias procesad... • http://osvdb.org/34748 •
CVSS: 7.5EPSS: 95%CPEs: 92EXPL: 0CVE-2007-0494 – BIND dnssec denial of service
https://notcve.org/view.php?id=CVE-2007-0494
25 Jan 2007 — ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability. ISC BIND 9.0.x, 9.1.x, 9.2.0 hasta la versión 9.2.7, 9.3.0 hasta la versión 9.3.3, 9.4.0a1 hasta la versión 9.4.0a6, 9.4.0b1 hasta la versión 9.4.0b4, 9.4.0rc... • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 38%CPEs: 6EXPL: 0CVE-2007-0493 – bind use-after-free
https://notcve.org/view.php?id=CVE-2007-0493
25 Jan 2007 — Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." Vulnerabilidad "usar después de liberar" en ISC BIND 9.3.0 hasta 9.3.3, 9.4.0a1 hasta 9.4.0a6, 9.4.0b1 hasta 9.4.0b4, 9.4.0rc1, y 9.5.0a1 (Bind Forum only) permite a atacantes remotos provocar una denegación de ... • http://docs.info.apple.com/article.html?artnum=305530 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 9%CPEs: 9EXPL: 0CVE-2006-4095
https://notcve.org/view.php?id=CVE-2006-4095
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de ciertas consultas SIG, lo cual provoca una falta de aserción cuando múltiples RRsets se devuelven. • http://docs.info.apple.com/article.html?artnum=305530 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 17%CPEs: 11EXPL: 0CVE-2006-4096 – HP Security Bulletin HPSBOV03226 1
https://notcve.org/view.php?id=CVE-2006-4096
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de una inundación de preguntas recurrentes, que causan una fallo de INSIST cuando se recibe la respuesta después de que la cola recursiva esté ... • http://docs.info.apple.com/article.html?artnum=305530 •
CVSS: 7.5EPSS: 12%CPEs: 13EXPL: 0CVE-2006-2073
https://notcve.org/view.php?id=CVE-2006-2073
27 Apr 2006 — Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. • http://secunia.com/advisories/19808 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2006-0987 – DNS Amplification Scanner
https://notcve.org/view.php?id=CVE-2006-0987
03 Mar 2006 — The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • https://packetstorm.news/files/id/181220 •
CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 0CVE-2006-0527
https://notcve.org/view.php?id=CVE-2006-0527
02 Feb 2006 — BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. • http://attrition.org/pipermail/vim/2006-February/000551.html • CWE-264: Permissions, Privileges, and Access Controls •