Filtered by vendor Isc
Subscribe
Total
222 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2925 | 1 Isc | 1 Bind | 2024-02-28 | 5.8 MEDIUM | N/A |
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache. | |||||
CVE-2007-2241 | 1 Isc | 1 Bind | 2024-02-28 | 7.1 HIGH | N/A |
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. | |||||
CVE-2007-0493 | 1 Isc | 1 Bind | 2024-02-28 | 7.8 HIGH | N/A |
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." | |||||
CVE-2008-0122 | 2 Freebsd, Isc | 2 Freebsd, Bind | 2024-02-28 | 10.0 HIGH | N/A |
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. | |||||
CVE-2006-2073 | 1 Isc | 1 Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
CVE-2006-0527 | 1 Isc | 1 Bind | 2024-02-28 | 7.5 HIGH | N/A |
BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. | |||||
CVE-2005-0033 | 1 Isc | 1 Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. | |||||
CVE-2006-4096 | 1 Isc | 1 Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | |||||
CVE-2006-0987 | 1 Isc | 1 Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | |||||
CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2024-02-28 | 5.0 MEDIUM | N/A |
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | |||||
CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | |||||
CVE-2005-0034 | 1 Isc | 1 Bind | 2024-02-28 | 4.3 MEDIUM | N/A |
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. | |||||
CVE-2004-1006 | 1 Isc | 1 Dhcpd | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. | |||||
CVE-2002-0400 | 1 Isc | 1 Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | |||||
CVE-2000-0360 | 1 Isc | 1 Inn | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
DNS cache poisoning via BIND, by predictable query IDs. | |||||
CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2024-02-28 | 5.0 MEDIUM | N/A |
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2024-02-28 | 7.2 HIGH | N/A |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | |||||
CVE-2001-0011 | 1 Isc | 1 Bind | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in INN inews program. |