Filtered by vendor Isc
Subscribe
Total
221 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
CVE-1999-0184 | 1 Isc | 1 Bind | 2023-12-10 | 6.4 MEDIUM | N/A |
When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | |||||
CVE-2000-0887 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2023-12-10 | 10.0 HIGH | N/A |
ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
CVE-1999-0706 | 2 Isc, Redhat | 2 Inn, Linux | 2023-12-10 | 7.5 HIGH | N/A |
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. | |||||
CVE-2002-2211 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
CVE-2000-1029 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query. | |||||
CVE-2004-0045 | 1 Isc | 1 Inn | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | |||||
CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2023-12-10 | 7.5 HIGH | N/A |
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | |||||
CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in INN inews program. | |||||
CVE-2002-0400 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | |||||
CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2023-12-10 | 4.3 MEDIUM | N/A |
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
CVE-2001-0013 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-2000-0360 | 1 Isc | 1 Inn | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
CVE-1999-0754 | 1 Isc | 1 Inn | 2023-12-10 | 10.0 HIGH | N/A |
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | |||||
CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in BIND 8.2 via NXT records. | |||||
CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2023-12-10 | 10.0 HIGH | N/A |
Denial of service in BIND by improperly closing TCP sessions via so_linger. |