Vulnerabilities > ISC > Bind > 8.1.2

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2018-5741 Incorrect Authorization vulnerability in ISC Bind
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy.
network
low complexity
isc CWE-863
4.0
2009-01-26 CVE-2009-0265 Unchecked Return Value vulnerability in ISC Bind
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
network
low complexity
isc CWE-252
7.5
2008-01-16 CVE-2008-0122 Numeric Errors vulnerability in ISC Bind
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
network
low complexity
isc freebsd CWE-189
critical
10.0
2007-09-12 CVE-2007-2930 Remote Cache Poisoning vulnerability in ISC BIND 8
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors.
network
isc
4.3
2006-09-06 CVE-2006-4095 Reachable Assertion vulnerability in multiple products
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
network
low complexity
isc canonical apple CWE-617
7.5
2002-11-29 CVE-2002-1221 Denial Of Service vulnerability in ISC BIND 8 Invalid Expiry Time
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
network
low complexity
isc freebsd openbsd
5.0
2001-07-21 CVE-2001-0497 Incorrect Default Permissions vulnerability in ISC Bind
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
local
low complexity
isc CWE-276
7.8