Search CVE reports


Toggle filters

41 – 50 of 148 results


CVE-2020-8621

Medium priority
Fixed

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Not affected Not affected
Show less packages

CVE-2020-8620

Medium priority
Fixed

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Not affected Not affected
Show less packages

CVE-2020-8619

Medium priority
Fixed

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Not affected Not affected
Show less packages

CVE-2020-8618

Medium priority
Fixed

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Not affected Not affected
Show less packages

CVE-2020-8617

Medium priority
Fixed

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default,...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed
Show less packages

CVE-2020-8616

Medium priority
Fixed

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed
Show less packages

CVE-2019-6477

Medium priority
Fixed

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Not affected
Show less packages

CVE-2013-5661

Negligible priority
Ignored

Cache Poisoning issue exists in DNS Response Rate Limiting.

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9
Show less packages

CVE-2018-5742

Medium priority
Not affected

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Not affected Not affected
Show less packages

CVE-2019-6476

Medium priority
Not affected

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0...

1 affected package

bind9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Not affected Not affected
Show less packages