Vulnerabilities > ISC > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2019-10-09 | CVE-2018-5743 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products | By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. | network | low | f5, isc | CWE-770 | 7.5 |
| 2019-10-09 | CVE-2018-5732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ISC Dhcp | Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. | network | low | isc | CWE-119 | 7.5 |
| 2019-01-16 | CVE-2018-5740 | Reachable Assertion vulnerability in multiple products | "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. | network | low | isc, redhat, debian, netapp, canonical, hp, opensuse | CWE-617 | 7.5 |
| 2019-01-16 | CVE-2018-5739 | Missing Release of Resource after Effective Lifetime vulnerability in ISC KEA 1.4.0 | An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. | network | low | isc | CWE-772 | 7.5 |
| 2019-01-16 | CVE-2018-5738 | Information Exposure vulnerability in multiple products | Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. | network | low | isc, canonical | CWE-200 | 7.5 |
| 2019-01-16 | CVE-2018-5737 | Reachable Assertion vulnerability in multiple products | A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. | network | low | isc, netapp | CWE-617 | 7.5 |
| 2019-01-16 | CVE-2018-5734 | Reachable Assertion vulnerability in multiple products | While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. | network | low | isc, netapp | CWE-617 | 7.5 |
| 2019-01-16 | CVE-2018-5733 | Integer Overflow or Wraparound vulnerability in multiple products | A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. | network | low | isc, redhat, canonical, debian | CWE-190 | 7.5 |
| 2019-01-16 | CVE-2017-3145 | Use After Free vulnerability in multiple products | BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. | network | low | isc, redhat, debian, netapp, juniper | CWE-416 | 7.5 |
| 2019-01-16 | CVE-2017-3144 | Resource Exhaustion vulnerability in multiple products | A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. | network | low | isc, redhat, canonical, debian | CWE-400 | 7.5 |