Vulnerabilities > ISC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-6467 | Reachable Assertion vulnerability in ISC Bind A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. | 5.0 |
| 2019-10-09 | CVE-2019-6465 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. | 4.3 |
| 2019-10-09 | CVE-2018-5745 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ISC Bind "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. | 3.5 |
| 2019-10-09 | CVE-2018-5744 | Missing Release of Resource after Effective Lifetime vulnerability in ISC Bind A failure to free memory can occur when processing messages having a specific combination of EDNS options. | 5.0 |
| 2019-10-09 | CVE-2018-5743 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. | 7.5 |
| 2019-10-09 | CVE-2018-5732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ISC Dhcp Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. | 5.0 |
| 2019-01-16 | CVE-2018-5741 | Incorrect Authorization vulnerability in ISC Bind To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. | 4.0 |
| 2019-01-16 | CVE-2018-5740 | Reachable Assertion vulnerability in multiple products "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. | 5.0 |
| 2019-01-16 | CVE-2018-5739 | Missing Release of Resource after Effective Lifetime vulnerability in ISC KEA 1.4.0 An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. | 5.0 |
| 2019-01-16 | CVE-2018-5738 | Information Exposure vulnerability in multiple products Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. | 5.0 |