Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bind vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-6469
An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.
Isc Bind 9.11.6
Isc Bind 9.10.5
2.1
CVSSv2
CVE-1999-1499
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.
Isc Bind 4.9
Isc Bind 8.1
1 EDB exploit
4.3
CVSSv2
CVE-2020-8617
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whos...
Isc Bind
Isc Bind 9.12.4
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.8
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
3 Github repositories
4.3
CVSSv2
CVE-2017-3140
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Isc Bind 9.9.10
Isc Bind 9.10.5
Isc Bind
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Data Ontap Edge -
5
CVSSv2
CVE-2021-25218
In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND ...
Isc Bind 9.17.16
Isc Bind 9.16.19
Fedoraproject Fedora 34
5
CVSSv2
CVE-2020-8620
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.
Isc Bind
Isc Bind 9.11.3
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.21
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Steelstore Cloud Integrated Storage -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2016-9778
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a confi...
Isc Bind 9.9.8
Isc Bind 9.9.9
Isc Bind 9.11.0
Netapp Solidfire Element Os Management Node -
Netapp Data Ontap Edge -
7.1
CVSSv2
CVE-2012-5689
ISC BIND 9.8.x up to and including 9.8.4-P1 and 9.9.x up to and including 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote malicious users to cause a denial of service (assertion failure and named daemo...
Isc Bind 9.9.0
Isc Bind 9.9.1
Isc Bind 9.9.2
Redhat Enterprise Linux Hpc Node 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 6.4
Redhat Enterprise Linux Server Eus 6.4.z
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Desktop 6.0
Isc Bind 9.8.3
Isc Bind 9.8.1
Isc Bind 9.8.0
Isc Bind 9.8.2
Isc Bind 9.8.4
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
2 Github repositories
5
CVSSv2
CVE-2002-1220
BIND 8.3.x up to and including 8.3.3 allows remote malicious users to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
Isc Bind 8.3.3
Isc Bind 8.3.1
Isc Bind 8.3.2
Isc Bind 8.3.0
Openbsd Openbsd 3.2
Openbsd Openbsd 3.0
Openbsd Openbsd 3.1
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.7
1 EDB exploit
10
CVSSv2
CVE-1999-0837
Denial of service in BIND by improperly closing TCP sessions via so_linger.
Isc Bind 8.2
Isc Bind 8.2.1
Sun Sunos 5.7
Sun Solaris 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »