Vulnerabilities > ISC > Bind > 9.9.6

DATE CVE VULNERABILITY TITLE RISK
2015-12-16 CVE-2015-8461 Race Condition vulnerability in ISC Bind
Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.
network
isc CWE-362
7.1
7.1
2015-12-16 CVE-2015-8000 Improper Input Validation vulnerability in multiple products
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
network
low complexity
oracle isc CWE-20
5.0
5.0
2015-09-05 CVE-2015-5986 Improper Input Validation vulnerability in multiple products
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
network
isc apple CWE-20
7.1
7.1
2015-09-05 CVE-2015-5722 Improper Input Validation vulnerability in multiple products
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
network
low complexity
isc apple CWE-20
7.8
7.8
2015-07-29 CVE-2015-5477 Data Processing Errors vulnerability in ISC Bind
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
network
low complexity
isc CWE-19
7.8
7.8
2015-07-08 CVE-2015-4620 Code vulnerability in ISC Bind
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
network
low complexity
isc CWE-17
7.8
7.8
2015-02-19 CVE-2015-1349 Resource Management Errors vulnerability in ISC Bind
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.
network
high complexity
isc CWE-399
5.4
5.4
2014-12-11 CVE-2014-8500 Resource Management Errors vulnerability in ISC Bind
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
network
low complexity
isc CWE-399
7.8
7.8