Vulnerabilities > ISC > Bind
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-11-29 | CVE-2002-1220 | Denial of Service vulnerability in ISC BIND OPT Record Large UDP BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | 5.0 |
2002-11-29 | CVE-2002-1219 | Buffer Overflow vulnerability in ISC BIND SIG Cached Resource Record Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | 7.5 |
2002-11-29 | CVE-2002-0029 | Buffer Overflow vulnerability in ISC BIND DNS Resolver Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | 7.5 |
2002-08-12 | CVE-2002-0684 | Remote Security vulnerability in glibc Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | 7.5 |
2002-07-03 | CVE-2002-0651 | Buffer Overflow vulnerability in ISC Bind 9.4.0 Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | 7.5 |
2002-06-18 | CVE-2002-0400 | Remote Denial Of Service vulnerability in ISC BIND 9 ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | 5.0 |
2001-07-21 | CVE-2001-0497 | Incorrect Default Permissions vulnerability in ISC Bind dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | 7.8 |
2001-02-12 | CVE-2001-0013 | Unspecified vulnerability in ISC Bind Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | 10.0 |
2001-02-12 | CVE-2001-0012 | Unspecified vulnerability in ISC Bind BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | 5.0 |
2001-02-12 | CVE-2001-0011 | Unspecified vulnerability in ISC Bind Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | 10.0 |