Filtered by vendor Isc
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0525 | 1 Isc | 1 Inn | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses. | |||||
CVE-2003-0039 | 1 Isc | 1 Dhcpd | 2023-12-10 | 5.0 MEDIUM | N/A |
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | |||||
CVE-1999-0100 | 1 Isc | 1 Inn | 2023-12-10 | 10.0 HIGH | N/A |
Remote access in AIX innd 1.5.1, using control messages. | |||||
CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
DNS cache poisoning via BIND, by predictable query IDs. | |||||
CVE-2001-0010 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
CVE-2001-0011 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-2002-0651 | 1 Isc | 1 Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||
CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | |||||
CVE-2003-0026 | 1 Isc | 1 Dhcpd | 2023-12-10 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | |||||
CVE-2000-0472 | 1 Isc | 1 Inn | 2023-12-10 | 3.6 LOW | N/A |
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2023-12-10 | 7.2 HIGH | N/A |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | |||||
CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | |||||
CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | |||||
CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in BIND named via consuming more than "fdmax" file descriptors. | |||||
CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
CVE-1999-0785 | 1 Isc | 1 Inn | 2023-12-10 | 7.2 HIGH | N/A |
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. | |||||
CVE-1999-1499 | 1 Isc | 1 Bind | 2023-12-10 | 2.1 LOW | N/A |
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. |