Vulnerabilities > ISC > Bind > 9.10.1

DATE CVE VULNERABILITY TITLE RISK
2015-02-19 CVE-2015-1349 Resource Management Errors vulnerability in ISC Bind
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
network
high complexity
isc CWE-399
5.4
5.4
2014-12-11 CVE-2014-8680 Improper Input Validation vulnerability in ISC Bind 9.10.0/9.10.1
The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.
network
high complexity
isc CWE-20
5.4
5.4
2014-12-11 CVE-2014-8500 Resource Management Errors vulnerability in ISC Bind
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
network
low complexity
isc CWE-399
7.8
7.8
2010-01-22 CVE-2010-0382 Unspecified vulnerability in ISC Bind
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819.
network
high complexity
isc
7.6
7.6