ReportizFlow
Filtered by vendor Isc
Subscriptions
Filtered by product Bind
Subscriptions
Total
181 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2025-04-03 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2006-0987 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | ||||
| CVE-2002-0684 | 3 Gnu, Isc, Redhat | 4 Glibc, Bind, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | ||||
| CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | N/A |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. | ||||
| CVE-1999-0849 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| Denial of service in BIND named via maxdname. | ||||
| CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | ||||
| CVE-2001-0012 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | ||||
| CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2025-04-03 | N/A |
| The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2006-4096 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2025-04-03 | N/A |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | ||||
| CVE-2006-0527 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. | ||||
| CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2025-04-03 | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | ||||
| CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2025-04-03 | N/A |
| ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | ||||
| CVE-2001-0010 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | ||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | ||||
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2005-0034 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. | ||||
| CVE-1999-0184 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | ||||
| CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in BIND 8.2 via NXT records. | ||||