This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:isc:bind:9.3 |
| Detail | |||
|---|---|---|---|
| Vendor | Isc | First view | 2006-04-27 |
| Product | Bind | Last view | 2019-01-16 |
| Version | 9.3 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:isc:bind | ||
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4 | 2019-01-16 | CVE-2018-5741 | Network | Low | Requires ... | |
| 5 | 2017-01-12 | CVE-2016-9444 | Network | Low | None Requ... | |
| 5 | 2017-01-12 | CVE-2016-9131 | Network | Low | None Requ... | |
| 5 | 2016-11-02 | CVE-2016-8864 | Network | Low | None Requ... | |
| 5 | 2016-10-21 | CVE-2016-2848 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.8 | 2016-09-28 | CVE-2016-2776 | Network | Low | None Requ... | |
| 4.3 | 2016-07-19 | CVE-2016-2775 | Network | Medium | None Requ... | |
| 4 | 2016-07-06 | CVE-2016-6170 | Network | Low | Requires ... | |
| 5 | 2016-03-09 | CVE-2016-1286 | Network | Low | None Requ... | |
| 4.3 | 2016-03-09 | CVE-2016-1285 | Network | Medium | None Requ... | |
| 6.6 | 2016-01-20 | CVE-2015-8705 | Network | High | None Requ... | |
| 6.8 | 2016-01-20 | CVE-2015-8704 | Network | Low | Requires ... | |
| 7.1 | 2015-12-16 | CVE-2015-8461 | Network | Medium | None Requ... | |
| 5 | 2015-12-16 | CVE-2015-8000 | Network | Low | None Requ... | |
| 7.1 | 2015-09-04 | CVE-2015-5986 | Network | Medium | None Requ... | |
| 7.8 | 2015-09-04 | CVE-2015-5722 | Network | Low | None Requ... | |
| 7.8 | 2015-07-29 | CVE-2015-5477 | Network | Low | None Requ... | |
| 7.8 | 2014-12-10 | CVE-2014-8500 | Network | Low | None Requ... | |
| 7.8 | 2012-10-10 | CVE-2012-5166 | Network | Low | None Requ... | |
| 7.8 | 2012-09-14 | CVE-2012-4244 | Network | Low | None Requ... | |
| 8.5 | 2012-06-05 | CVE-2012-1667 | Network | Low | None Requ... | |
| 5 | 2012-02-08 | CVE-2012-1033 | Network | Low | None Requ... | |
| 5 | 2011-11-29 | CVE-2011-4313 | Network | Low | None Requ... | |
| 5 | 2011-05-31 | CVE-2011-1910 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 60% (17) | CWE-20 | Improper Input Validation |
| 14% (4) | CWE-189 | Numeric Errors |
| 10% (3) | CWE-19 | Data Handling |
| 3% (1) | CWE-399 | Resource Management Errors |
| 3% (1) | CWE-362 | Race Condition |
| % | id | Name |
|---|---|---|
| 3% (1) | CWE-287 | Improper Authentication |
| 3% (1) | CWE-254 | Security Features |
Oval Markup Language : Definitions
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:11523 | ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.... |
| oval:org.mitre.oval:def:21786 | ELSA-2007:0057: bind security update (Moderate) |
| oval:org.mitre.oval:def:10190 | Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 an... |
| oval:org.mitre.oval:def:22620 | ELSA-2008:0300: bind security, bug fix, and enhancement update (Moderate) |
| oval:org.mitre.oval:def:7086 | ISC BIND 9 Cache Poisoning Vulnerability |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:6665 | HP-UX Running BIND, Remote Denial of Service (DoS), Unauthorized Disclosure o... |
| oval:org.mitre.oval:def:21912 | RHSA-2010:0062: bind security update (Moderate) |
| oval:org.mitre.oval:def:20762 | Multiple vulnerabilities in AIX BIND |
| oval:org.mitre.oval:def:13187 | DSA-2054-1 bind9 -- DNS cache poisoning |
| oval:org.mitre.oval:def:13115 | DSA-2054-2 bind9 -- DNS cache poisoning |
| oval:org.mitre.oval:def:11783 | DSA-2054 bind9 -- DNS cache poisoning |
| oval:org.mitre.oval:def:11753 | ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 b... |
| oval:org.mitre.oval:def:22749 | ELSA-2010:0062: bind security update (Moderate) |
| oval:org.mitre.oval:def:28008 | DEPRECATED: ELSA-2010-0062 -- bind security update (moderate) |
| oval:org.mitre.oval:def:8884 | Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P... |
| oval:org.mitre.oval:def:7512 | ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vu... |
| oval:org.mitre.oval:def:6815 | HP-UX Running BIND, Remote Denial of Service (DoS), Unauthorized Disclosure o... |
| oval:org.mitre.oval:def:13497 | USN-888-1 -- bind9 vulnerabilities |
| oval:org.mitre.oval:def:21307 | RHSA-2012:1363: bind security update (Important) |
| oval:org.mitre.oval:def:21231 | RHSA-2012:1364: bind97 security update (Important) |
| oval:org.mitre.oval:def:20024 | DSA-2560-1 bind9 - denial of service |
| oval:org.mitre.oval:def:19809 | HP-UX Running BIND, Remote Denial of Service (DoS), Authentication Bypass |
| oval:org.mitre.oval:def:19706 | Vulnerability in AIX bind |
| oval:org.mitre.oval:def:18040 | USN-1601-1 -- bind9 vulnerability |
| oval:org.mitre.oval:def:23643 | ELSA-2012:1363: bind security update (Important) |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77159 | ISC BIND Recursive Query Parsing Remote DoS |
| 72540 | ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS |
| 69559 | ISC BIND named Key Algorithm Rollover Weakness |
| 68271 | ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS |
| 62008 | ISC BIND Secure Response Refetch Weakness Unspecified Issue |
| id | Description |
|---|---|
| 62007 | ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning |
| 61853 | ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning |
| 60493 | ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning |
| 57060 | ISC BIND DNS Message Malformed TSIG Remote DoS |
| 53115 | ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Wea... |
| 41211 | ISC BIND libbind inet_network() Function Off-By-One Memory Corruption |
| 40811 | FreeBSD libc inet_network() Function Off-By-One Memory Corruption DoS |
| 36235 | ISC BIND Predictable DNS Query IDs Cache Poisoning |
| 31923 | ISC BIND Crafted ANY Request Response Multiple RRsets DoS |
| 28558 | ISC BIND Recursive Query Saturation DoS |
| 28557 | ISC BIND SIG Query Multiple RRsets Response DoS |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-12-31 | Name : Fedora Update for bind FEDORA-2012-19822 File : nvt/gb_fedora_2012_19822_bind_fc16.nasl |
| 2012-12-14 | Name : Fedora Update for bind FEDORA-2012-19830 File : nvt/gb_fedora_2012_19830_bind_fc17.nasl |
| 2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:0722-1 (bind) File : nvt/gb_suse_2012_0722_1.nasl |
| 2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:1192-1 (bind) File : nvt/gb_suse_2012_1192_1.nasl |
| 2012-12-13 | Name : SuSE Update for bind openSUSE-SU-2012:1372-1 (bind) File : nvt/gb_suse_2012_1372_1.nasl |
| id | Description |
|---|---|
| 2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
| 2012-10-29 | Name : Debian Security Advisory DSA 2560-1 (bind9) File : nvt/deb_2560_1.nasl |
| 2012-10-23 | Name : Fedora Update for bind-dyndb-ldap FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_bind-dyndb-ldap_fc17.nasl |
| 2012-10-23 | Name : Fedora Update for bind FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_bind_fc17.nasl |
| 2012-10-23 | Name : Fedora Update for dhcp FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dhcp_fc17.nasl |
| 2012-10-23 | Name : Fedora Update for dnsperf FEDORA-2012-15965 File : nvt/gb_fedora_2012_15965_dnsperf_fc17.nasl |
| 2012-10-23 | Name : Fedora Update for bind-dyndb-ldap FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_bind-dyndb-ldap_fc16.nasl |
| 2012-10-23 | Name : Fedora Update for bind FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_bind_fc16.nasl |
| 2012-10-23 | Name : Fedora Update for dhcp FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dhcp_fc16.nasl |
| 2012-10-23 | Name : Fedora Update for dnsperf FEDORA-2012-15981 File : nvt/gb_fedora_2012_15981_dnsperf_fc16.nasl |
| 2012-10-16 | Name : RedHat Update for bind RHSA-2012:1363-01 File : nvt/gb_RHSA-2012_1363-01_bind.nasl |
| 2012-10-16 | Name : RedHat Update for bind97 RHSA-2012:1364-01 File : nvt/gb_RHSA-2012_1364-01_bind97.nasl |
| 2012-10-16 | Name : CentOS Update for bind CESA-2012:1363 centos5 File : nvt/gb_CESA-2012_1363_bind_centos5.nasl |
| 2012-10-16 | Name : CentOS Update for bind CESA-2012:1363 centos6 File : nvt/gb_CESA-2012_1363_bind_centos6.nasl |
| 2012-10-16 | Name : CentOS Update for bind97 CESA-2012:1364 centos5 File : nvt/gb_CESA-2012_1364_bind97_centos5.nasl |
| 2012-10-13 | Name : FreeBSD Ports: bind99 File : nvt/freebsd_bind992.nasl |
| 2012-10-11 | Name : Mandriva Update for bind MDVSA-2012:162 (bind) File : nvt/gb_mandriva_MDVSA_2012_162.nasl |
| 2012-10-11 | Name : Ubuntu Update for bind9 USN-1601-1 File : nvt/gb_ubuntu_USN_1601_1.nasl |
| 2012-10-03 | Name : Mandriva Update for bind MDVSA-2012:152-1 (bind) File : nvt/gb_mandriva_MDVSA_2012_152_1.nasl |
| 2012-10-03 | Name : Fedora Update for bind FEDORA-2012-14030 File : nvt/gb_fedora_2012_14030_bind_fc16.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0208 | Multiple Vulnerabilities in ISC BIND Severity : Category I - VMSKEY : V0061377 |
| 2015-B-0099 | McAfee Firewall Enterprise Denial of Service Vulnerability Severity : Category I - VMSKEY : V0061291 |
| 2013-A-0179 | Apple Mac OS X Security Update 2013-004 Severity : Category I - VMSKEY : V0040373 |
| 2013-A-0031 | Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity : Category I - VMSKEY : V0036787 |
| 2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0035032 |
| id | Description |
|---|---|
| 2011-A-0066 | Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0027158 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-12-05 | ISC BIND DHCP client DNAME resource record parsing denial of service attempt RuleID : 52078 - Type : SERVER-OTHER - Revision : 1 |
| 2018-03-27 | ISC BIND malformed data channel authentication message denial of service attempt RuleID : 45738 - Type : SERVER-OTHER - Revision : 1 |
| 2017-09-06 | ISC BIND malformed control channel authentication message denial of service a... RuleID : 43846 - Type : SERVER-OTHER - Revision : 2 |
| 2016-11-30 | ISC BIND 9 DNS query overly long name denial of service attempt RuleID : 40579 - Type : SERVER-OTHER - Revision : 2 |
| 2016-11-08 | ISC BIND isc__buffer_add assertion failure denial of service attempt RuleID : 40344 - Type : PROTOCOL-DNS - Revision : 2 |
| Date | Description |
|---|---|
| 2016-05-27 | ISC BIND malformed control channel authentication message denial of service a... RuleID : 38622 - Type : SERVER-OTHER - Revision : 4 |
| 2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38284 - Type : PROTOCOL-DNS - Revision : 1 |
| 2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38283 - Type : PROTOCOL-DNS - Revision : 1 |
| 2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38282 - Type : PROTOCOL-DNS - Revision : 1 |
| 2016-04-21 | ISC BIND totext_in_apl denial of service attempt RuleID : 38281 - Type : PROTOCOL-DNS - Revision : 1 |
| 2016-03-14 | ISC BIND zero length OPENPGPKEY rdata response attempt RuleID : 36130 - Type : PROTOCOL-DNS - Revision : 4 |
| 2015-10-20 | ISC BIND DNSSEC response unsupported cryptographic algorithm attempt RuleID : 36056 - Type : PROTOCOL-DNS - Revision : 2 |
| 2015-10-20 | ISC BIND DNSSEC response unsupported DNSKEY cryptographic algorithm attempt RuleID : 36055 - Type : PROTOCOL-DNS - Revision : 3 |
| 2015-09-03 | ISC BIND TKEY query processing denial of service attempt RuleID : 35943 - Type : PROTOCOL-DNS - Revision : 2 |
| 2015-09-03 | ISC BIND TKEY query processing denial of service attempt RuleID : 35942 - Type : PROTOCOL-DNS - Revision : 2 |
| 2015-09-03 | ISC BIND TKEY Query denial of service attempt RuleID : 35425 - Type : SERVER-OTHER - Revision : 3 |
| 2015-09-03 | ISC BIND TKEY Query denial of service attempt RuleID : 35424 - Type : SERVER-OTHER - Revision : 3 |
| 2015-03-31 | ISC BIND recursive resolver resource consumption denial of service attempt RuleID : 33583 - Type : PROTOCOL-DNS - Revision : 8 |
| 2014-01-10 | dns zone transfer with zero-length rdata attempt RuleID : 23608 - Type : PROTOCOL-DNS - Revision : 3 |
| 2014-01-10 | ISC BIND DNSSEC authority response record overflow attempt RuleID : 21421 - Type : PROTOCOL-DNS - Revision : 7 |
| 2014-01-10 | ISC BIND DNSSEC authority response record overflow attempt RuleID : 19125 - Type : PROTOCOL-DNS - Revision : 5 |
| 2014-01-10 | ISC BIND DNSSEC Validation Multiple RRsets DoS RuleID : 17680 - Type : SERVER-OTHER - Revision : 10 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-f22b937f52.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-a54e46032f.nasl - Type : ACT_GATHER_INFO |
| 2018-11-28 | Name : The remote name server is affected by a policy bypass which enables an unauth... File : bind9_CVE-2018-5741.nasl - Type : ACT_GATHER_INFO |
| 2018-10-15 | Name : The remote Fedora host is missing a security update. File : fedora_2018-54d84b0b0c.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2017-0021.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2018-02-08 | Name : The remote name server is affected by a memory exhaustion vulnerability File : bind9_9110_b2.nasl - Type : ACT_GATHER_INFO |
| 2017-08-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-2533.nasl - Type : ACT_GATHER_INFO |
| 2017-08-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201708-01.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by a den... File : aix_bind_advisory10.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by a den... File : aix_bind_advisory11.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by multi... File : aix_bind_advisory12.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by multi... File : aix_bind_advisory13.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by multi... File : aix_bind_advisory14.nasl - Type : ACT_GATHER_INFO |
| 2017-08-03 | Name : The remote AIX host has a version of bind installed that is affected by a den... File : aix_bind_advisory15.nasl - Type : ACT_GATHER_INFO |
| 2017-07-13 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-0062.nasl - Type : ACT_GATHER_INFO |
| 2017-06-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2017-1583.nasl - Type : ACT_GATHER_INFO |
| 2017-05-10 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0100.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2016-1079.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1025.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1026.nasl - Type : ACT_GATHER_INFO |
| 2017-04-21 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO |
| 2017-04-20 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-491.nasl - Type : ACT_GATHER_INFO |
| 2017-04-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0998-1.nasl - Type : ACT_GATHER_INFO |
| 2017-04-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-0999-1.nasl - Type : ACT_GATHER_INFO |
| 2017-04-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-1000-1.nasl - Type : ACT_GATHER_INFO |
