Filtered by vendor Isc Subscriptions
Total 227 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0914 9 Compaq, Freebsd, Hp and 6 more 10 Tru64, Freebsd, Hp-ux and 7 more 2024-11-21 N/A
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVE-2003-0039 2 Isc, Redhat 2 Dhcpd, Linux 2024-11-21 N/A
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.
CVE-2003-0026 2 Isc, Redhat 2 Dhcpd, Linux 2024-11-21 N/A
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
CVE-2002-2213 2 Infoblox, Isc 2 Dns One, Bind 2024-11-21 N/A
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
CVE-2002-2212 2 Fujitsu, Isc 2 Uxp V, Bind 2024-11-21 N/A
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
CVE-2002-2211 1 Isc 1 Bind 2024-11-21 N/A
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
CVE-2002-1221 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2024-11-21 N/A
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
CVE-2002-1220 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2024-11-21 N/A
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
CVE-2002-1219 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2024-11-21 N/A
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVE-2002-0702 1 Isc 1 Dhcpd 2024-11-21 N/A
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.
CVE-2002-0684 3 Gnu, Isc, Redhat 4 Glibc, Bind, Enterprise Linux and 1 more 2024-11-21 N/A
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
CVE-2002-0651 2 Isc, Redhat 3 Bind, Enterprise Linux, Linux 2024-11-21 N/A
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
CVE-2002-0525 1 Isc 1 Inn 2024-11-21 N/A
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
CVE-2002-0400 2 Isc, Redhat 3 Bind, Enterprise Linux, Linux 2024-11-21 N/A
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
CVE-2002-0029 3 Astaro, Isc, Redhat 3 Security Linux, Bind, Enterprise Linux 2024-11-21 N/A
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
CVE-2001-1442 1 Isc 1 Inn 2024-11-21 N/A
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
CVE-2001-0497 1 Isc 1 Bind 2024-11-21 7.8 High
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
CVE-2001-0013 2 Isc, Redhat 2 Bind, Linux 2024-11-21 N/A
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
CVE-2001-0012 2 Isc, Redhat 2 Bind, Linux 2024-11-21 N/A
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
CVE-2001-0011 2 Isc, Redhat 2 Bind, Linux 2024-11-21 N/A
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.