CVE-2009-0265
https://notcve.org/view.php?id=CVE-2009-0265
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025. Internet Systems Consortium (ISC) BIND en versiones 9.6.0 y anteriores no comprueba adecuadamente el valor de retorno de la función EVP_VerifyFinal de OpenSSL, lo cual permite a atacantes remotos eludir la validación del certificado a través de una firma SSL/TLS malformada, se trata de una vulnerabilidad similar a CVE-2008-5077 y CVE-2009-0025. • http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33 http://secunia.com/advisories/33559 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.540362 http://www.mandriva.com/security/advisories?name=MDVSA-2009:037 http://www.vupen.com/english/advisories/2009/0043 https://www.isc.org/node/373 • CWE-252: Unchecked Return Value CWE-295: Improper Certificate Validation •
CVE-2009-0025 – bind: DSA_do_verify() returns check issue
https://notcve.org/view.php?id=CVE-2009-0025
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3 y versiones anteriores no comprueba adecuadamente el valor de retorno de la función OpenSSL DSA_verify, lo que permite a atacantes remotos eludir la validación de la cadena del certificado a través de una firma SSL/TLS mal formada, una vulnerabilidad similar a CVE-2008-5077. • http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/49ef622c8329fd33 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://marc.info/?l=bugtraq&m=141879471518471&w=2 http://secunia.com/advisories/33494 http://secunia.com/advisories/33546 http://secunia.com/advisories/33551 http://secunia.com/advisories/33559 http://secunia.com/advisories/33683 http://secunia.com/advisories/33882 http://secunia.com/advisories/35074 http://security • CWE-287: Improper Authentication •
CVE-2008-4163
https://notcve.org/view.php?id=CVE-2008-4163
Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. Vulnerabilidad sin especificar en ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, y 9.5.0-P2-W1 sobre Windows, permite a atacantes remotos provocar una denegación de servicio (caída del manejador cliente UDP) a través de vectores desconocidos. • http://marc.info/?l=bind-announce&m=122180244228376&w=2 http://marc.info/?l=bind-announce&m=122180244228378&w=2 http://marc.info/?l=bind-announce&m=122180376630150&w=2 http://secunia.com/advisories/31924 http://www.securityfocus.com/bid/31252 http://www.securitytracker.com/id?1020901 http://www.vupen.com/english/advisories/2008/2637 https://exchange.xforce.ibmcloud.com/vulnerabilities/45234 • CWE-20: Improper Input Validation •
CVE-2008-0122 – libbind off-by-one buffer overflow
https://notcve.org/view.php?id=CVE-2008-0122
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. Error por un paso en la función inet_network en libbind en ISC BIND 9.4.2 y versiones anteriores, como se utiliza en libc en FreeBSD 6.2 hasta la versión 7.0-PRERELEASE, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de entradas manipuladas que desencadenan corrupción de memoria. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://secunia.com/advisories/28367 http://secunia.com/advisories/28429 http://secunia.com/advisories/28487 http://secunia.com/advisories/28579 http://secunia.com/advisories/29161 http://secunia.com/advisories/29323 http://secunia.com/advisories/30313 http://secunia.com/advisories/30538 http://secunia.com/advisories/30718 http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc http://sunsolve.s • CWE-189: Numeric Errors CWE-193: Off-by-one Error •
CVE-2007-2926 – BIND 9 0.3beta - DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2007-2926
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning. ISC BIND 9 hasta 9.5.0a5 utiliza un número aleatorio debil a lo largo de la generación de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace más fácil para atacantes remotos para adivinar la siguiente consulta id y llevar a cabo envenenamientos de la cache DNS. • https://www.exploit-db.com/exploits/4266 ftp://aix.software.ibm.com/aix/efixes/security/README ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc http://docs.info.apple.com/article.html?artnum=307041 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368 http://lists.apple.com/archives/ •