Vulnerabilities > ISC > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2017-3136 Reachable Assertion vulnerability in multiple products
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate.
network
high complexity
isc redhat netapp debian CWE-617
5.9
2019-01-16 CVE-2017-3135 NULL Pointer Dereference vulnerability in multiple products
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer.
network
high complexity
isc redhat netapp debian CWE-476
5.9
2019-01-16 CVE-2016-9778 7PK - Errors vulnerability in multiple products
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service.
network
high complexity
isc netapp CWE-388
5.9
2016-07-19 CVE-2016-2775 Improper Input Validation vulnerability in multiple products
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
network
high complexity
hp isc fedoraproject redhat CWE-20
5.9
2016-07-06 CVE-2016-6170 Improper Input Validation vulnerability in multiple products
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
network
low complexity
isc redhat CWE-20
6.5
2016-03-09 CVE-2016-2088 Improper Input Validation vulnerability in ISC Bind
resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.
network
high complexity
isc CWE-20
6.8
2016-03-09 CVE-2016-1285 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. 6.8
2016-03-09 CVE-2016-2774 Improper Input Validation vulnerability in multiple products
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
network
high complexity
isc debian canonical CWE-20
5.9
2016-02-04 CVE-2016-1284 Improper Input Validation vulnerability in ISC Bind 9.9.8
rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.
network
high complexity
isc CWE-20
5.9
2016-01-20 CVE-2015-8704 Improper Input Validation vulnerability in ISC Bind
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
network
low complexity
isc CWE-20
6.5