Vulnerabilities > ISC > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-25 | CVE-2009-4022 | Remote Cache Poisoning vulnerability in ISC BIND 9 DNSSEC Query Response Additional Section Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. | 2.6 |
2000-02-06 | CVE-2000-0472 | Remote Buffer Overflow vulnerability in ISC innd 2.x Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | 3.6 |
1998-04-10 | CVE-1999-1499 | Unspecified vulnerability in ISC Bind 4.9/8.1 named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | 2.1 |