Isc Bind vulnerabilities

CVE-2005-0033 [MEDIUM] CVE-2005-0033: Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote at Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.

CVE-2003-0914 [MEDIUM] CVE-2003-0914: ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

CVE-2002-2213 [MEDIUM] CVE-2002-2213: The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries f The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing

CVE-2002-2211 [MEDIUM] CVE-2002-2211: BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient

CVE-2002-2212 [MEDIUM] CVE-2002-2212: The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a r

CVE-2002-0029 [HIGH] CVE-2002-0029: Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derive Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability t

CVE-2002-1219 [HIGH] CVE-2002-1219: Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, al Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).

CVE-2002-1221 [MEDIUM] CVE-2002-1221: BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR eleme BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

CVE-2002-1220 [MEDIUM] CVE-2002-1220: BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to as BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

CVE-2002-0684 [HIGH] CVE-2002-0684: Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as use Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.

CVE-2002-0651 [HIGH] CVE-2002-0651: Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.

CVE-2002-0400 [MEDIUM] CVE-2002-0400: ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malfor ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.

CVE-2001-0497 [HIGH] CWE-276 CVE-2001-0497: dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permi dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.

CVE-2001-0011 [CRITICAL] CVE-2001-0011: Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileg Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

CVE-2001-0013 [CRITICAL] CVE-2001-0013: Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain r Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

CVE-2001-0010 [CRITICAL] CVE-2001-0010: Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to g Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

CVE-2001-0012 [MEDIUM] CVE-2001-0012: BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variabl BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.

CVE-2000-0888 [MEDIUM] CVE-2000-0888: named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending a named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."

CVE-2000-0887 [MEDIUM] CVE-2000-0887: named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."

CVE-2000-1029 [CRITICAL] CVE-2000-1029: Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long re Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.