Total
169 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
CVE-1999-0849 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in BIND named via maxdname. | |||||
CVE-2001-0012 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | |||||
CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2023-12-10 | 10.0 HIGH | N/A |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2023-12-10 | 5.0 MEDIUM | N/A |
DNS cache poisoning via BIND, by predictable query IDs. | |||||
CVE-2001-0010 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
CVE-1999-0011 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2023-12-10 | 10.0 HIGH | N/A |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | |||||
CVE-2001-0011 | 1 Isc | 1 Bind | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
CVE-2002-0651 | 1 Isc | 1 Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||
CVE-2002-0684 | 2 Gnu, Isc | 2 Glibc, Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | |||||
CVE-2000-0888 | 2 Debian, Isc | 2 Debian Linux, Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | |||||
CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | |||||
CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of service in BIND named via consuming more than "fdmax" file descriptors. | |||||
CVE-1999-1499 | 1 Isc | 1 Bind | 2023-12-10 | 2.1 LOW | N/A |
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
CVE-1999-0184 | 1 Isc | 1 Bind | 2023-12-10 | 6.4 MEDIUM | N/A |
When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | |||||
CVE-2000-0887 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
CVE-2002-2211 | 1 Isc | 1 Bind | 2023-12-10 | 5.0 MEDIUM | N/A |
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. |