CVSS: 7.5EPSS: 15%CPEs: 7EXPL: 1CVE-2007-2926 – BIND 9 0.3beta - DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2007-2926
24 Jul 2007 — ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning. ISC BIND 9 hasta 9.5.0a5 utiliza un número aleatorio debil a lo largo de la generación de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace má... • https://www.exploit-db.com/exploits/4266 •
CVSS: 7.5EPSS: 16%CPEs: 2EXPL: 0CVE-2007-2241
https://notcve.org/view.php?id=CVE-2007-2241
02 May 2007 — Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. Vulnerabilidad sin especificar en el query.c del ISC BIND 9.4.0 y del 9.5.0a1 hasta la 9.5.0a3, cuando la recursividad está activada, permite a atacantes remotos provocar una denegación de servicio (salida del demonio) a través de una secuencia de sentencias procesad... • http://osvdb.org/34748 •
CVSS: 7.8EPSS: 24%CPEs: 6EXPL: 0CVE-2007-0493 – bind use-after-free
https://notcve.org/view.php?id=CVE-2007-0493
25 Jan 2007 — Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." Vulnerabilidad "usar después de liberar" en ISC BIND 9.3.0 hasta 9.3.3, 9.4.0a1 hasta 9.4.0a6, 9.4.0b1 hasta 9.4.0b4, 9.4.0rc1, y 9.5.0a1 (Bind Forum only) permite a atacantes remotos provocar una denegación de ... • http://docs.info.apple.com/article.html?artnum=305530 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 80%CPEs: 92EXPL: 0CVE-2007-0494 – BIND dnssec denial of service
https://notcve.org/view.php?id=CVE-2007-0494
25 Jan 2007 — ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability. ISC BIND 9.0.x, 9.1.x, 9.2.0 hasta la versión 9.2.7, 9.3.0 hasta la versión 9.3.3, 9.4.0a1 hasta la versión 9.4.0a6, 9.4.0b1 hasta la versión 9.4.0b4, 9.4.0rc... • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc • CWE-19: Data Processing Errors •
CVSS: 7.5EPSS: 9%CPEs: 9EXPL: 0CVE-2006-4095
https://notcve.org/view.php?id=CVE-2006-4095
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de ciertas consultas SIG, lo cual provoca una falta de aserción cuando múltiples RRsets se devuelven. • http://docs.info.apple.com/article.html?artnum=305530 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 24%CPEs: 11EXPL: 0CVE-2006-4096 – HP Security Bulletin HPSBOV03226 1
https://notcve.org/view.php?id=CVE-2006-4096
06 Sep 2006 — BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. BIND anterior a 9.2.6-P1 y 9.3.x anterior a 9.3.2-P1 permite a un atacante remoto provocar denegación de servicio (caida) a través de una inundación de preguntas recurrentes, que causan una fallo de INSIST cuando se recibe la respuesta después de que la cola recursiva esté ... • http://docs.info.apple.com/article.html?artnum=305530 •
CVSS: 7.5EPSS: 6%CPEs: 13EXPL: 0CVE-2006-2073
https://notcve.org/view.php?id=CVE-2006-2073
27 Apr 2006 — Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. • http://secunia.com/advisories/19808 •
CVSS: 7.5EPSS: 28%CPEs: 1EXPL: 2CVE-2006-0987 – DNS Amplification Scanner
https://notcve.org/view.php?id=CVE-2006-0987
03 Mar 2006 — The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. • https://packetstorm.news/files/id/181220 •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2005-0034
https://notcve.org/view.php?id=CVE-2005-0034
29 Jan 2005 — An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. • http://secunia.com/advisories/14008 •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2002-0651
https://notcve.org/view.php?id=CVE-2002-0651
03 Jul 2002 — Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. • ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA2002-006.txt.asc •