Vulnerabilities > ISC > Bind > 8.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2213 | Remote Security vulnerability in BIND The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | 5.0 |
2002-12-31 | CVE-2002-2212 | Remote Security vulnerability in BIND The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | 5.0 |
2002-12-31 | CVE-2002-2211 | Remote Security vulnerability in BIND BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | 5.0 |
2002-11-29 | CVE-2002-1221 | Denial Of Service vulnerability in ISC BIND 8 Invalid Expiry Time BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | 5.0 |
2002-11-29 | CVE-2002-1219 | Buffer Overflow vulnerability in ISC BIND SIG Cached Resource Record Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | 7.5 |
2001-07-21 | CVE-2001-0497 | Incorrect Default Permissions vulnerability in ISC Bind dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | 7.8 |
2001-02-12 | CVE-2001-0012 | Unspecified vulnerability in ISC Bind BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | 5.0 |
2001-02-12 | CVE-2001-0010 | Unspecified vulnerability in ISC Bind 8.2/8.2.1/8.2.2 Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | 10.0 |
2000-12-19 | CVE-2000-0888 | named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | 5.0 |
2000-12-19 | CVE-2000-0887 | Unspecified vulnerability in ISC Bind 8.2.2 named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | 5.0 |