Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

isc bind 9.2.5 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2006-4096
BIND prior to 9.2.6-P1 and 9.3.x prior to 9.3.2-P1 allows remote malicious users to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
Isc Bind 9.2.4Isc Bind 9.2.5Isc Bind 9.2.0Isc Bind 9.2.1Isc Bind 9.3.0Isc Bind 9.3.1Isc Bind 9.2.2Isc Bind 9.2.3Isc Bind 9.3.2Isc Bind 9.2.6Isc Bind 9.3
4.3
CVSSv2
CVE-2007-0494
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote malicious users to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets...
Isc Bind 9.4.0Isc Bind 9.3.1Isc Bind 9.3.0Isc Bind 9.2.4Isc Bind 9.2.3Isc Bind 9.2.1Isc Bind 9.3.2Isc Bind 9.2.5Isc Bind 9.2.2Isc Bind 9.2.0Isc Bind 9.1.3Isc Bind 9.1.2Isc Bind 9.1.1Isc Bind 9.0.0Isc Bind 9.5.0Isc Bind 9.2.6Isc Bind 9.0.1Isc Bind 9.3Isc Bind 9.2Isc Bind 9.0Isc Bind 9.1.0Isc Bind 9.1
6.8
CVSSv2
CVE-2009-0025
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and previous versions does not properly check the return value from the OpenSSL DSA_verify function, which allows remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CV...
Isc Bind 9.4.3Isc Bind 9.4.1Isc Bind 9.4.0Isc Bind 9.2.7Isc Bind 9.2.4Isc Bind 9.2.3Isc Bind 9.2.1Isc Bind 9.2.6Isc Bind 9.2.2Isc Bind 9.2.0Isc Bind 9.1.3Isc Bind 9.1.1Isc Bind 9.0.1Isc Bind 9.1Isc Bind 9.0.0Isc Bind 9.0Isc Bind 9.5.1Isc Bind 9.5.0Isc Bind 9.4.2Isc Bind 9.2.5Isc Bind 9.1.2Isc Bind 9.1.0
2.6
CVSSv2
CVE-2009-4022
Unspecified vulnerability in ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P4, 9.5 prior to 9.5.2-P1, 9.6 prior to 9.6.1-P2, and 9.7 beta prior to 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote malicious users to conduct DNS cache...
Isc Bind 9.7.0Isc Bind 9.6.0Isc Bind 9.5.1Isc Bind 9.5.0Isc Bind 9.4.3Isc Bind 9.4.0Isc Bind 9.3.5Isc Bind 9.3.4Isc Bind 9.3.1Isc Bind 9.3.0Isc Bind 9.2.7Isc Bind 9.2.4Isc Bind 9.2.3Isc Bind 9.2.1Isc Bind 9.2.0Isc Bind 9.2Isc Bind 9.1.1Isc Bind 9.1.0Isc Bind 9.1Isc Bind 9.0.1Isc Bind 9.0.0Isc Bind 9.6.1
5
CVSSv2
CVE-2012-1033
The resolver in ISC BIND 9 up to and including 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain names via a "...
Isc Bind 9.7.1Isc Bind 9.7.3Isc Bind 9.5.1Isc Bind 9.6.0Isc Bind 9.5.0Isc Bind 9.2.1Isc Bind 9.2.2Isc Bind 9.0Isc Bind 9.0.1Isc Bind 9.7.2Isc Bind 9.3Isc Bind 9.2.7Isc Bind 9.2.6Isc Bind 9.4.1Isc Bind 9.8.0Isc Bind 9.8.1Isc Bind 9.7.4Isc Bind 9.1Isc Bind 9.7.0Isc Bind 9.4Isc Bind 9.2.5Isc Bind 9.5
6.6
CVSSv2
CVE-2015-8705
buffer.c in named in ISC BIND 9.10.x prior to 9.10.3-P3, when debug logging is enabled, allows remote malicious users to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS...
Isc Bind 9.10.2Isc Bind 9.6Isc Bind 9.5.3Isc Bind 9.5.2Isc Bind 9.5.1Isc Bind 9.4.3Isc Bind 9.4Isc Bind 9.3.3Isc Bind 9.2.5Isc Bind 9.2.4Isc Bind 9.1.2Isc Bind 9.1.1Isc Bind 9.10.3Isc Bind 9.5.0Isc Bind 9.5Isc Bind 9.4.1Isc Bind 9.4.0Isc Bind 9.3.0Isc Bind 9.3Isc Bind 9.2.1Isc Bind 9.2.0Isc Bind 9.0
7.6
CVSSv2
CVE-2010-0382
ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote malicious users to have an ...
Isc Bind 9.7.0Isc Bind 9.6.1Isc Bind 9.6.0Isc Bind 9.4.3Isc Bind 9.4.1Isc Bind 9.4.0Isc Bind 9.3.5Isc Bind 9.3.2Isc Bind 9.3.1Isc Bind 9.3.0Isc Bind 9.2.7Isc Bind 9.2.4Isc Bind 9.2.3Isc Bind 9.2.2Isc Bind 9.2.1Isc Bind 9.2.0Isc Bind 9.10.3Isc Bind 9.10.1Isc Bind 9.10.0Isc Bind 9.1.3Isc Bind 9.1.1Isc Bind 9.0.1
4
CVSSv2
CVE-2010-0290
Unspecified vulnerability in ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote malicious users to conduct DNS cache poisoning atta...
Isc Bind 9.10.0Isc Bind 9.10.2Isc Bind 9.6.1Isc Bind 9.2.0Isc Bind 9.1.1Isc Bind 9.3.1Isc Bind 9.4.3Isc Bind 9.2.3Isc Bind 9.1.3Isc Bind 9.10.1Isc Bind 9.4.0Isc Bind 9.3.5Isc Bind 9.7.0Isc Bind 9.3.2Isc Bind 9.10.3Isc Bind 9.2.8Isc Bind 9.2Isc Bind 9.3.0Isc Bind 9.2.4Isc Bind 9.2.1Isc Bind 9.0.0Isc Bind 9.3
4.3
CVSSv2
CVE-2010-0097
ISC BIND 9.0.x up to and including 9.3.x, 9.4 prior to 9.4.3-P5, 9.5 prior to 9.5.2-P2, 9.6 prior to 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote malicious users to add the Authenticated Data (AD) flag to a forged ...
Isc Bind 9.6.0Isc Bind 9.7.0Isc Bind 9.6Isc Bind 9.5.1Isc Bind 9.5.0Isc Bind 9.4.3Isc Bind 9.4.0Isc Bind 9.4Isc Bind 9.3.6Isc Bind 9.3.5Isc Bind 9.3.3Isc Bind 9.3.2Isc Bind 9.3.0Isc Bind 9.2.8Isc Bind 9.2.7Isc Bind 9.2.5Isc Bind 9.2.4Isc Bind 9.2.3Isc Bind 9.2.2Isc Bind 9.2.0Isc Bind 9.1.3Isc Bind 9.1.2
5
CVSSv2
CVE-2011-1910
Off-by-one error in named in ISC BIND 9.x prior to 9.7.3-P1, 9.8.x prior to 9.8.0-P2, 9.4-ESV prior to 9.4-ESV-R4-P1, and 9.6-ESV prior to 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing l...
Isc Bind 9.8.0Isc Bind 9.7.3Isc Bind 9.7.1Isc Bind 9.7.0Isc Bind 9.6.3Isc Bind 9.6.1Isc Bind 9.6.0Isc Bind 9.6Isc Bind 9.5.2Isc Bind 9.5.1Isc Bind 9.5.0Isc Bind 9.5Isc Bind 9.4.3Isc Bind 9.4.2Isc Bind 9.4.0Isc Bind 9.4Isc Bind 9.3.6Isc Bind 9.3.3Isc Bind 9.3.0Isc Bind 9.2.9Isc Bind 9.2.6Isc Bind 9.2.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook