Vulnerabilities > ISC > Bind

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-6477 Resource Exhaustion vulnerability in multiple products
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled.
network
low complexity
isc fedoraproject CWE-400
7.5
2019-11-05 CVE-2013-5661 Authentication Bypass by Spoofing vulnerability in multiple products
Cache Poisoning issue exists in DNS Response Rate Limiting.
network
high complexity
isc nlnetlabs nic redhat CWE-290
5.9
2019-11-01 CVE-2019-6470 There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode.
network
low complexity
isc redhat opensuse
7.5
2019-10-30 CVE-2018-5742 Reachable Assertion vulnerability in ISC Bind 9.9.465/9.9.472
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420.
network
low complexity
isc CWE-617
7.5
2019-10-17 CVE-2019-6476 Reachable Assertion vulnerability in ISC Bind
A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query.
network
low complexity
isc CWE-617
7.5
2019-10-17 CVE-2019-6475 Insufficient Verification of Data Authenticity vulnerability in ISC Bind
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers.
network
low complexity
isc CWE-345
7.5
2019-10-09 CVE-2019-6471 Reachable Assertion vulnerability in multiple products
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c.
network
high complexity
f5 isc CWE-617
5.9
2019-10-09 CVE-2019-6469 Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.6
An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs.
network
low complexity
isc CWE-617
7.5
2019-10-09 CVE-2019-6468 Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.5
In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features.
network
low complexity
isc CWE-617
7.5
2019-10-09 CVE-2019-6467 Reachable Assertion vulnerability in ISC Bind
A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally.
network
low complexity
isc CWE-617
7.5