Vulnerabilities > ISC > Low

DATE | CVE | VULNERABILITY TITLE | RISK

2019-11-05 | CVE-2013-5661 | Authentication Bypass by Spoofing vulnerability in multiple products | 2.6
Cache Poisoning issue exists in DNS Response Rate Limiting.
network | high complexity | isc nlnetlabs nic redhat | CWE-290

2019-10-16 | CVE-2019-6472 | Reachable Assertion vulnerability in ISC KEA 1.4.0/1.5.0/1.6.0 | 3.3
A packet containing a malformed DUID can cause the Kea DHCPv6 server process (kea-dhcp6) to exit due to an assertion failure.
low complexity | isc | CWE-617

2019-10-09 | CVE-2018-5745 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ISC Bind | 3.5
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation.
network | isc | CWE-327

2019-01-16 | CVE-2017-3138 | Reachable Assertion vulnerability in multiple products | 3.5
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc.

2019-01-16 | CVE-2018-5736 | Reachable Assertion vulnerability in multiple products | 3.5
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession.
network | isc netapp | CWE-617

2016-02-04 | CVE-2016-1284 | Improper Input Validation vulnerability in ISC Bind 9.9.8 | 2.6
rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.
network | high complexity | isc | CWE-20

2014-01-14 | CVE-2014-0591 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in ISC Bind | 2.6
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
network | high complexity | isc | CWE-119

2012-07-25 | CVE-2012-3954 | Resource Management Errors vulnerability in multiple products | 3.3
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
low complexity | isc debian canonical | CWE-399

2011-07-08 | CVE-2011-2465 | Remote Denial of Service vulnerability in ISC BIND 9 RPZ Configurations | 2.6
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
network | high complexity | isc

2010-07-28 | CVE-2010-0213 | Data Processing Errors vulnerability in ISC Bind 9.7.1 | 2.6
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers.
network | high complexity | isc | CWE-19