Summary
Detail | |||
---|---|---|---|
Vendor | Isc | First view | 1997-07-01 |
Product | Bind | Last view | 2024-02-14 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2024-02-14 | CVE-2023-50387 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. |
7.5 | 2023-09-20 | CVE-2023-4236 | A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1. |
7.5 | 2023-09-20 | CVE-2023-3341 | The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1. |
7.5 | 2023-06-21 | CVE-2023-2911 | If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. |
7.5 | 2023-06-21 | CVE-2023-2829 | A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. |
7.5 | 2023-06-21 | CVE-2023-2828 | Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1. |
7.5 | 2023-01-26 | CVE-2022-3924 | This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. |
7.5 | 2023-01-26 | CVE-2022-3736 | BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. |
7.5 | 2023-01-26 | CVE-2022-3488 | Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name. This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1. |
7.5 | 2023-01-26 | CVE-2022-3094 | Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes. If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome. BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1. |
7.5 | 2022-09-21 | CVE-2022-38178 | By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. |
7.5 | 2022-09-21 | CVE-2022-38177 | By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. |
7.5 | 2022-09-21 | CVE-2022-3080 | By sending specific queries to the resolver, an attacker can cause named to crash. |
7.5 | 2022-09-21 | CVE-2022-2906 | An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service. |
8.2 | 2022-09-21 | CVE-2022-2881 | The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process. |
5.3 | 2022-09-21 | CVE-2022-2795 | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. |
7.5 | 2022-05-19 | CVE-2022-1183 | On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. |
7.5 | 2022-03-23 | CVE-2022-0635 | Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. |
5.3 | 2022-03-23 | CVE-2022-0396 | BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. |
6.8 | 2022-03-23 | CVE-2021-25220 | BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. |
7.5 | 2022-03-22 | CVE-2022-0667 | When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 |
5.3 | 2021-10-27 | CVE-2021-25219 | In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. |
7.5 | 2021-08-18 | CVE-2021-25218 | In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition. |
9.8 | 2021-04-29 | CVE-2021-25216 | In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. We have determined that standard SPNEGO implementations are available in the MIT and Heimdal Kerberos libraries, which support a broad range of operating systems, rendering the ISC implementation unnecessary and obsolete. Therefore, to reduce the attack surface for BIND users, we will be removing the ISC SPNEGO implementation in the April releases of BIND 9.11 and 9.16 (it had already been dropped from BIND 9.17). We would not normally remove something from a stable ESV (Extended Support Version) of BIND, but since system libraries can replace the ISC SPNEGO implementation, we have made an exception in this case for reasons of stability and security. |
7.5 | 2021-04-29 | CVE-2021-25215 | In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
26% (30) | CWE-617 | Reachable Assertion |
22% (25) | CWE-20 | Improper Input Validation |
4% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
3% (4) | CWE-399 | Resource Management Errors |
3% (4) | CWE-189 | Numeric Errors |
2% (3) | CWE-770 | Allocation of Resources Without Limits or Throttling |
2% (3) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
2% (3) | CWE-362 | Race Condition |
2% (3) | CWE-19 | Data Handling |
1% (2) | CWE-787 | Out-of-bounds Write |
1% (2) | CWE-416 | Use After Free |
1% (2) | CWE-404 | Improper Resource Shutdown or Release |
1% (2) | CWE-125 | Out-of-bounds Read |
1% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
0% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
0% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
0% (1) | CWE-476 | NULL Pointer Dereference |
0% (1) | CWE-444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli... |
0% (1) | CWE-428 | Unquoted Search Path or Element |
0% (1) | CWE-388 | Error Handling |
0% (1) | CWE-345 | Insufficient Verification of Data Authenticity |
0% (1) | CWE-331 | Insufficient Entropy |
0% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
0% (1) | CWE-295 | Certificate Issues |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-19 | Embedding Scripts within Scripts |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-81 | Web Logs Tampering |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:6051 | Security vulnerability in the BIND executable |
oval:org.mitre.oval:def:5833 | Security vulnerability in the BIND executable |
oval:org.mitre.oval:def:5966 | Security vulnerability in the BIND executable |
oval:org.mitre.oval:def:4190 | Buffer Overflow in DNS Resolver Library |
oval:org.mitre.oval:def:2539 | BIND SIG Resource Records Buffer Overflow |
oval:org.mitre.oval:def:449 | Bind OPT Resource Record DoS Vulnerability |
oval:org.mitre.oval:def:2094 | BIND DoS via SIG RR Elements |
oval:org.mitre.oval:def:2011 | ISC BIND Cache Poison Denial Of Service |
oval:org.mitre.oval:def:25774 | Vulnerability in AIX bind |
oval:org.mitre.oval:def:9623 | BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cau... |
oval:org.mitre.oval:def:11523 | ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.... |
oval:org.mitre.oval:def:21786 | ELSA-2007:0057: bind security update (Moderate) |
oval:org.mitre.oval:def:9614 | Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4... |
oval:org.mitre.oval:def:2226 | Security Vulnerability in Solaris 10 BIND: Susceptible to Cache Poisoning Attack |
oval:org.mitre.oval:def:20473 | DSA-1341-2 bind9 - DNS cache poisoning vulnerability |
oval:org.mitre.oval:def:10293 | ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generat... |
oval:org.mitre.oval:def:21703 | ELSA-2007:0740: bind security update (Moderate) |
oval:org.mitre.oval:def:2154 | Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack |
oval:org.mitre.oval:def:10190 | Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 an... |
oval:org.mitre.oval:def:22620 | ELSA-2008:0300: bind security, bug fix, and enhancement update (Moderate) |
oval:org.mitre.oval:def:9627 | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P... |
oval:org.mitre.oval:def:8092 | DSA-1603 bind9 -- DNS cache poisoning |
oval:org.mitre.oval:def:7660 | DSA-1617 refpolicy -- incompatible policy |
oval:org.mitre.oval:def:7531 | DSA-1623 dnsmasq -- DNS cache poisoning |
oval:org.mitre.oval:def:5917 | Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
77159 | ISC BIND Recursive Query Parsing Remote DoS |
73605 | ISC BIND UPDATE Request Parsing Remote DoS |
73604 | ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS |
72540 | ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS |
72539 | ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS |
72172 | ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS |
69568 | ISC BIND named allow-query ACL Restriction Bypass |
69559 | ISC BIND named Key Algorithm Rollover Weakness |
69558 | ISC BIND named RRSIG Negative Caching DoS |
68271 | ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS |
68270 | ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass |
66395 | ISC BIND RRSIG Requests Infinite Loop DoS |
62008 | ISC BIND Secure Response Refetch Weakness Unspecified Issue |
62007 | ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning |
61853 | ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning |
60493 | ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning |
59272 | ISC BIND named Multiple Symlink Arbitrary File Overwrite |
57060 | ISC BIND DNS Message Malformed TSIG Remote DoS |
56584 | ISC BIND Dynamic Update Message Handling Remote DoS |
53917 | HP Multiple Products DNS Query ID Field Prediction Cache Poisoning |
53530 | Check Point DNS Query ID Field Prediction Cache Poisoning |
53299 | GNU DNS Resolver Library (glibc) Multiple DNS Resolver Functions Remote Overflow |
53298 | BSD DNS Resolver Library (libc) Multiple DNS Resolver Functions Remote Overflow |
53115 | ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Wea... |
51368 | OpenSSL DSA_verify Function SSL/TLS Signature Validation Weakness |
ExploitDB Exploits
id | Description |
---|---|
6130 | BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c) |
6123 | BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py) |
6122 | BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta) |
OpenVAS Exploits
id | Description |
---|---|
2012-12-31 | Name : Fedora Update for bind FEDORA-2012-19822 File : nvt/gb_fedora_2012_19822_bind_fc16.nasl |
2012-12-14 | Name : Fedora Update for bind FEDORA-2012-19830 File : nvt/gb_fedora_2012_19830_bind_fc17.nasl |
2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:0722-1 (bind) File : nvt/gb_suse_2012_0722_1.nasl |
2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:1192-1 (bind) File : nvt/gb_suse_2012_1192_1.nasl |
2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:1372-1 (bind) File : nvt/gb_suse_2012_1372_1.nasl |
2012-12-10 | Name : CentOS Update for bind CESA-2012:1549 centos6 File : nvt/gb_CESA-2012_1549_bind_centos6.nasl |
2012-12-10 | Name : RedHat Update for bind RHSA-2012:1549-01 File : nvt/gb_RHSA-2012_1549-01_bind.nasl |
2012-12-10 | Name : Ubuntu Update for bind9 USN-1657-1 File : nvt/gb_ubuntu_USN_1657_1.nasl |
2012-12-06 | Name : Mandriva Update for bind MDVSA-2012:177 (bind) File : nvt/gb_mandriva_MDVSA_2012_177.nasl |
2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
2012-10-29 | Name : Debian Security Advisory DSA 2560-1 (bind9) File : nvt/deb_2560_1.nasl |
2012-10-23 | Name : Fedora Update for bind-dyndb-ldap FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_bind-dyndb-ldap_fc17.nasl |
2012-10-23 | Name : Fedora Update for bind FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_bind_fc17.nasl |
2012-10-23 | Name : Fedora Update for dhcp FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl |
2012-10-23 | Name : Fedora Update for dnsperf FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dnsperf_fc17.nasl |
2012-10-23 | Name : Fedora Update for bind-dyndb-ldap FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_bind-dyndb-ldap_fc16.nasl |
2012-10-23 | Name : Fedora Update for bind FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_bind_fc16.nasl |
2012-10-23 | Name : Fedora Update for dhcp FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl |
2012-10-23 | Name : Fedora Update for dnsperf FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dnsperf_fc16.nasl |
2012-10-16 | Name : CentOS Update for bind CESA-2012:1363 centos5 File : nvt/gb_CESA-2012_1363_bind_centos5.nasl |
2012-10-16 | Name : CentOS Update for bind CESA-2012:1363 centos6 File : nvt/gb_CESA-2012_1363_bind_centos6.nasl |
2012-10-16 | Name : CentOS Update for bind97 CESA-2012:1364 centos5 File : nvt/gb_CESA-2012_1364_bind97_centos5.nasl |
2012-10-16 | Name : RedHat Update for bind RHSA-2012:1363-01 File : nvt/gb_RHSA-2012_1363-01_bind.nasl |
2012-10-16 | Name : RedHat Update for bind97 RHSA-2012:1364-01 File : nvt/gb_RHSA-2012_1364-01_bind97.nasl |
2012-10-13 | Name : FreeBSD Ports: bind99 File : nvt/freebsd_bind992.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0208 | Multiple Vulnerabilities in ISC BIND Severity: Category I - VMSKEY: V0061377 |
2015-B-0099 | McAfee Firewall Enterprise Denial of Service Vulnerability Severity: Category I - VMSKEY: V0061291 |
2014-A-0086 | Multiple Vulnerabilities in ISC BIND Severity: Category I - VMSKEY: V0052635 |
2013-A-0212 | ISC BIND Security Bypass Vulnerability Severity: Category I - VMSKEY: V0042297 |
2013-A-0179 | Apple Mac OS X Security Update 2013-004 Severity: Category I - VMSKEY: V0040373 |
2013-A-0151 | ISC BIND 9 Remote Denial of Service Vulnerability Severity: Category I - VMSKEY: V0039823 |
2013-A-0031 | Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0036787 |
2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0035032 |
2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity: Category I - VMSKEY: V0027158 |
2008-A-0045 | DNS Protocol Cache Poisoning Vulnerability Severity: Category I - VMSKEY: V0016170 |
Snort® IPS/IDS
Date | Description |
---|---|
2020-09-02 | BIND DNS server TSIG denial of service attempt RuleID : 54630 - Type : PROTOCOL-DNS - Revision : 1 |
2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52344 - Type : SERVER-OTHER - Revision : 1 |
2020-01-03 | ISC BIND deny-answer-aliases denial of service attempt RuleID : 52343 - Type : SERVER-OTHER - Revision : 1 |
2019-12-05 | ISC BIND DHCP client DNAME resource record parsing denial of service attempt RuleID : 52078 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | ISC BIND multiple ENDS Key Tag options denial of service attempt RuleID : 51144 - Type : SERVER-OTHER - Revision : 1 |
2019-09-24 | ISC Bind libdns EDNS option handling denial of service attempt RuleID : 51126 - Type : SERVER-OTHER - Revision : 1 |
2018-03-27 | ISC BIND malformed data channel authentication message denial of service attempt RuleID : 45738 - Type : SERVER-OTHER - Revision : 1 |
2017-12-19 | ISC BIND 9 DNS rdata length handling remote denial of service attempt RuleID : 44879 - Type : SERVER-OTHER - Revision : 1 |
2017-09-06 | ISC BIND malformed control channel authentication message denial of service a... RuleID : 43846 - Type : SERVER-OTHER - Revision : 2 |
2017-06-06 | ISC BIND unexpected DNAME CNAME ordering denial of service attempt RuleID : 42458 - Type : PROTOCOL-DNS - Revision : 2 |
2016-11-30 | ISC BIND 9 DNS query overly long name denial of service attempt RuleID : 40579 - Type : SERVER-OTHER - Revision : 2 |
2016-11-08 | ISC BIND DNS duplicate cookie denial of service attempt RuleID : 40362 - Type : PROTOCOL-DNS - Revision : 1 |
2016-11-08 | ISC BIND isc__buffer_add assertion failure denial of service attempt RuleID : 40344 - Type : PROTOCOL-DNS - Revision : 2 |
2016-05-27 | ISC BIND malformed control channel authentication message denial of service a... RuleID : 38622 - Type : SERVER-OTHER - Revision : 4 |
2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38284 - Type : PROTOCOL-DNS - Revision : 1 |
2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38283 - Type : PROTOCOL-DNS - Revision : 1 |
2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38282 - Type : PROTOCOL-DNS - Revision : 1 |
2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38281 - Type : PROTOCOL-DNS - Revision : 1 |
2016-03-14 | ISC BIND zero length OPENPGPKEY rdata response attempt RuleID : 36130 - Type : PROTOCOL-DNS - Revision : 4 |
2015-10-20 | ISC BIND DNSSEC response unsupported cryptographic algorithm attempt RuleID : 36056 - Type : PROTOCOL-DNS - Revision : 2 |
2015-10-20 | ISC BIND DNSSEC response unsupported DNSKEY cryptographic algorithm attempt RuleID : 36055 - Type : PROTOCOL-DNS - Revision : 3 |
2015-09-03 | ISC BIND TKEY query processing denial of service attempt RuleID : 35943 - Type : PROTOCOL-DNS - Revision : 3 |
2015-09-03 | ISC BIND TKEY query processing denial of service attempt RuleID : 35942 - Type : PROTOCOL-DNS - Revision : 3 |
2015-09-03 | ISC BIND TKEY Query denial of service attempt RuleID : 35425 - Type : SERVER-OTHER - Revision : 3 |
2015-09-03 | ISC BIND TKEY Query denial of service attempt RuleID : 35424 - Type : SERVER-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-10 | Name: The remote device is affected by multiple vulnerabilities. File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-5417ca3713.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-a54e46032f.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-bfec61fb2f.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f22b937f52.nasl - Type: ACT_GATHER_INFO |
2018-11-28 | Name: The remote name server is affected by a policy bypass which enables an unauth... File: bind9_CVE-2018-5741.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-1679.nasl - Type: ACT_GATHER_INFO |
2018-11-05 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL98528405.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL08613310.nasl - Type: ACT_GATHER_INFO |
2018-10-26 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1328.nasl - Type: ACT_GATHER_INFO |
2018-10-26 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1343.nasl - Type: ACT_GATHER_INFO |
2018-10-15 | Name: The remote Fedora host is missing a security update. File: fedora_2018-54d84b0b0c.nasl - Type: ACT_GATHER_INFO |
2018-09-27 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1281.nasl - Type: ACT_GATHER_INFO |
2018-09-27 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1282.nasl - Type: ACT_GATHER_INFO |
2018-09-27 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1082.nasl - Type: ACT_GATHER_INFO |
2018-09-20 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1082.nasl - Type: ACT_GATHER_INFO |
2018-08-31 | Name: The remote Debian host is missing a security update. File: debian_DLA-1485.nasl - Type: ACT_GATHER_INFO |
2018-08-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2570.nasl - Type: ACT_GATHER_INFO |
2018-08-29 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2018-2571.nasl - Type: ACT_GATHER_INFO |
2018-08-23 | Name: The remote Fedora host is missing a security update. File: fedora_2018-90f8fbd58e.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO |
2018-08-16 | Name: The remote name server is affected by a denial of service vulnerability. File: bind9_9122_p1.nasl - Type: ACT_GATHER_INFO |
2018-08-13 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-222-01.nasl - Type: ACT_GATHER_INFO |
2018-08-02 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2018-c0f12f789e.nasl - Type: ACT_GATHER_INFO |
2018-07-12 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-192-01.nasl - Type: ACT_GATHER_INFO |