Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bind
(Isc)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 174 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2006-04-27 | CVE-2006-2073 | Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | Bind | N/A | ||
| 2006-03-03 | CVE-2006-0987 | The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | Bind | N/A | ||
| 2005-05-02 | CVE-2005-0034 | An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. | Bind | N/A | ||
| 2005-05-02 | CVE-2005-0033 | Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. | Bind | N/A | ||
| 2003-12-15 | CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | Tru64, Freebsd, Hp\-Ux, Aix, Bind, Netbsd, Namesurfer, Unixware, Solaris, Sunos | N/A | ||
| 2002-12-31 | CVE-2002-2213 | The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | Dns_one, Bind | N/A | ||
| 2002-12-31 | CVE-2002-2212 | The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | Uxp_v, Bind | N/A | ||
| 2002-12-31 | CVE-2002-2211 | BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | Bind | N/A | ||
| 2002-11-29 | CVE-2002-1221 | BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | Freebsd, Bind, Openbsd | N/A | ||
| 2002-11-29 | CVE-2002-1220 | BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | Freebsd, Bind, Openbsd | N/A |