Filtered by vendor Isc
Subscribe
Total
228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1033 | 1 Isc | 1 Bind | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
|
|||||
| CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-09 | 10.0 HIGH | 5.4 MEDIUM |
|
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
|
|||||
| CVE-2009-0025 | 1 Isc | 1 Bind | 2025-04-09 | 6.8 MEDIUM | N/A |
|
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
|
|||||
| CVE-2008-4163 | 1 Isc | 1 Bind | 2025-04-09 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
|
|||||
| CVE-2009-0692 | 1 Isc | 1 Dhcp | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.
|
|||||
| CVE-2007-0493 | 1 Isc | 1 Bind | 2025-04-09 | 7.8 HIGH | N/A |
|
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
|
|||||
| CVE-2007-2930 | 1 Isc | 1 Bind | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926.
|
|||||
| CVE-2009-4022 | 1 Isc | 1 Bind | 2025-04-09 | 2.6 LOW | N/A |
|
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO ...
Show More |
|||||
| CVE-2009-1893 | 2 Isc, Redhat | 2 Dhcp, Enterprise Linux | 2025-04-09 | 6.9 MEDIUM | N/A |
|
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
|
|||||
| CVE-2009-1892 | 1 Isc | 1 Dhcp | 2025-04-09 | 5.0 MEDIUM | N/A |
|
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
|
|||||
| CVE-2007-0494 | 1 Isc | 1 Bind | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
|
|||||
| CVE-2008-1447 | 6 Canonical, Cisco, Debian and 3 more | 8 Ubuntu Linux, Ios, Debian Linux and 5 more | 2025-04-09 | 5.0 MEDIUM | 6.8 MEDIUM |
|
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kamin ...
Show More |
|||||
| CVE-2007-2241 | 1 Isc | 1 Bind | 2025-04-09 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
|
|||||
| CVE-2007-2926 | 1 Isc | 1 Bind | 2025-04-09 | 4.3 MEDIUM | N/A |
|
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
|
|||||
| CVE-2009-0265 | 1 Isc | 1 Bind | 2025-04-09 | 5.0 MEDIUM | 7.5 HIGH |
|
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
|
|||||
| CVE-2007-2925 | 1 Isc | 1 Bind | 2025-04-09 | 5.8 MEDIUM | N/A |
|
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
|
|||||
| CVE-2008-0122 | 2 Freebsd, Isc | 2 Freebsd, Bind | 2025-04-09 | 10.0 HIGH | N/A |
|
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
|
|||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
|
|||||
| CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
|
|||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
|
|||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in INN inews program.
|
|||||
| CVE-2005-0033 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.
|
|||||
| CVE-2002-0400 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
|
|||||
| CVE-1999-0100 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
|
Remote access in AIX innd 1.5.1, using control messages.
|
|||||
| CVE-2006-4096 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
|
|||||
| CVE-2000-1029 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.
|
|||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
|
|||||
| CVE-2004-1006 | 1 Isc | 1 Dhcpd | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
|
|||||
| CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
|
|||||
| CVE-1999-0706 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
|
|||||
| CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
DNS cache poisoning via BIND, by predictable query IDs.
|
|||||
| CVE-2001-0497 | 1 Isc | 1 Bind | 2025-04-03 | 4.6 MEDIUM | 7.8 HIGH |
|
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
|
|||||
| CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
|
|||||
| CVE-2002-0525 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
|
|||||
| CVE-1999-0808 | 1 Isc | 1 Dhcp Client | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.
|
|||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
|
|||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
|
|||||
| CVE-2001-0012 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
|
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
|
|||||
| CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."
|
|||||
| CVE-2003-0026 | 1 Isc | 1 Dhcpd | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
|
|||||