Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isc bind vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3094
Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access pe...
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.16.13
Isc Bind 9.16.21
Isc Bind 9.16.32
Isc Bind 9.16.14
Isc Bind
Isc Bind 9.16.36
NA
CVE-2022-3736
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 up to and including 9.16.36, 9.18.0 up to and includin...
Isc Bind 9.16.11
Isc Bind 9.16.13
Isc Bind 9.16.21
Isc Bind 9.16.32
Isc Bind 9.16.14
Isc Bind
Isc Bind 9.16.36
NA
CVE-2022-3924
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase i...
Isc Bind 9.16.13
Isc Bind 9.16.21
Isc Bind 9.16.32
Isc Bind 9.16.14
Isc Bind
Isc Bind 9.16.36
Isc Bind 9.16.12
5
CVSSv2
CVE-2001-0012
BIND 4 and BIND 8 allow remote malicious users to access sensitive information such as environment variables.
Isc Bind 4.9.3
Isc Bind 8.2
Isc Bind 8.2.2
Isc Bind 4.9.5
Isc Bind 4.9.6
Isc Bind 4.9.7
Isc Bind 8.2.1
4.3
CVSSv2
CVE-2007-2926
ISC BIND 9 up to and including 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote malicious users to guess the next query id and perfor...
Isc Bind 9.3
Isc Bind 9.4
Isc Bind 9.5
Isc Bind 9.5.0
Isc Bind 9.0
Isc Bind 9.1
Isc Bind 9.2
1 EDB exploit
5
CVSSv2
CVE-1999-0849
Denial of service in BIND named via maxdname.
Isc Bind 4.9.5
Isc Bind 4.9.6
Isc Bind 8.1
Isc Bind 8.2
Isc Bind 8.2.1
Isc Bind 4.9.7
Isc Bind 8.1.1
3.5
CVSSv2
CVE-2018-5745
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys...
Isc Bind
Isc Bind 9.10.7
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.12.3
Isc Bind 9.10.8
NA
CVE-2022-38178
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
Isc Bind
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.11.5
Isc Bind 9.11.12
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.11.27
Isc Bind 9.16.13
Isc Bind 9.11.29
Isc Bind 9.16.21
Isc Bind 9.11.35
Isc Bind 9.11.14-s1
Isc Bind 9.11.19-s1
Isc Bind 9.11.37
Isc Bind 9.16.32
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5
CVSSv2
CVE-2002-0400
ISC BIND 9 prior to 9.2.1 allows remote malicious users to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, ak...
Isc Bind 9.0
Isc Bind 9.1
Isc Bind 9.1.1
Isc Bind 9.1.3
Isc Bind 9.1.2
Isc Bind 9.2
5
CVSSv2
CVE-2020-8616
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to proce...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.8
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »