Vulnerabilities > ISC > Bind > 9.4.3

DATE CVE VULNERABILITY TITLE RISK
2010-01-22 CVE-2010-0097 Improper Input Validation vulnerability in ISC Bind
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
network
isc CWE-20
4.3
4.3
2009-11-25 CVE-2009-4022 Remote Cache Poisoning vulnerability in ISC BIND 9 DNSSEC Query Response Additional Section
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
network
high complexity
isc
2.6
2.6
2009-07-29 CVE-2009-0696 Configuration vulnerability in ISC Bind
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
network
isc CWE-16
4.3
4.3
2009-01-26 CVE-2009-0265 Unchecked Return Value vulnerability in ISC Bind
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
network
low complexity
isc CWE-252
7.5
7.5
2009-01-07 CVE-2009-0025 Improper Authentication vulnerability in ISC Bind
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
network
isc CWE-287
6.8
6.8