Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

isc bind 9.10.5 vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv3
CVE-2023-3341
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of avai...
Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc Bind 9.16.21Isc Bind 9.11.35Isc Bind 9.11.37Isc Bind 9.16.32Isc Bind 9.16.14
7.5
CVSSv3
CVE-2022-38177
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc Bind 9.16.21Isc Bind 9.11.35Isc Bind 9.11.14-s1Isc Bind 9.11.19-s1Isc Bind 9.11.37
5.3
CVSSv3
CVE-2022-2795
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc Bind 9.16.21Isc Bind 9.11.35Isc Bind 9.11.14-s1Isc Bind 9.11.19-s1Isc Bind
5.3
CVSSv3
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative s...
Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc Bind 9.16.21Isc BindIsc Bind 9.11.35Debian Debian Linux 9.0Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2021-25214
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulne...
Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc BindDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 33Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2021-25215
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of name...
Debian Debian Linux 9.0Debian Debian Linux 10.0Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc Bind 9.11.8Isc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.21Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.11.27Isc Bind 9.16.13Isc Bind 9.11.29Isc BindFedoraproject Fedora 33Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2021-25216
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if th...
Debian Debian Linux 9.0Debian Debian Linux 10.0Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.12Isc BindIsc Bind 9.9.12Isc Bind 9.9.13Isc Bind 9.11.8Isc Bind 9.11.21Isc Bind 9.11.27Isc Bind 9.11.29Isc Bind 9.16.8Isc Bind 9.16.11Isc Bind 9.16.13Siemens Sinec Infrastructure Network ServicesNetapp Cloud Backup -
7.5
CVSSv3
CVE-2020-8623
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the...
Isc BindIsc Bind 9.10.5Isc Bind 9.11.21Fedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Leap 15.1Opensuse Leap 15.2Debian Debian Linux 9.0Debian Debian Linux 10.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Synology Dns ServerNetapp Steelstore Cloud Integrated Storage -
8.6
CVSSv3
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proce...
Isc BindIsc Bind 9.12.4Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.8Debian Debian Linux 9.0Debian Debian Linux 10.0
5.9
CVSSv3
CVE-2020-8617
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whos...
Isc BindIsc Bind 9.12.4Isc Bind 9.11.7Isc Bind 9.11.3Isc Bind 9.11.6Isc Bind 9.10.5Isc Bind 9.11.5Isc Bind 9.9.3Isc Bind 9.10.7Isc Bind 9.11.8Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Leap 15.1Opensuse Leap 15.2Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 19.10Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook