cvebase

ISC BIND9 vulnerabilities

128 known vulnerabilities affecting isc/bind9.

Total CVEs: 128
CISA KEV: 0
Public exploits: 7
Exploited in wild: 4
Severity breakdown: CRITICAL 1, HIGH 73, MEDIUM 47, LOW 7

Vulnerabilities

Page 7 of 7
CVE-2010-0290 | P4 | LOW | CVSS 2.6 | ≥ 0, < 1:9.7.0.dfsg-1 | 2010-01-22
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching,
Source: osv

CVE-2010-3762 | P4 | MEDIUM | CVSS 4.3 | ≥ 0, < 1:9.7.2.dfsg.P2-1 | 2010-10-05
ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
Source: osv

CVE-2011-1907 | P4 | MEDIUM | CVSS 5.0 | ≥ 0, < 1:9.8.1.dfsg.P1-1 | 2011-05-09
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
Source: osv

CVE-2006-2073 | P4 | MEDIUM | CVSS 5.0 | ≥ 0, < 1:9.3.3-1 | 2006-04-27
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
Source: osv

CVE-2005-0034 | P4 | MEDIUM | CVSS 4.3 | ≥ 0, < 1:9.3.1 | 2005-05-02
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.
Source: osv

CVE-2009-4022 | P4 | LOW | CVSS 2.6 | ≥ 0, < 1:9.6.1.dfsg.P2-1 | 2009-11-25
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when t
Source: osv

CVE-2011-2465 | P4 | LOW | CVSS 2.6 | ≥ 0, < 1:9.8.1.dfsg.P1-1 | 2011-07-08
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
Source: osv

CVE-2010-0213 | P4 | LOW | CVSS 2.6 | ≥ 0, < 9.7.1.dfsg.P2 | 2010-07-28
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers.
Source: osv