"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Max CVSS
7.5
EPSS Score
95.32%
Published
2019-01-16
Updated
2022-04-12

CVE-2016-2776

Public exploit
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Max CVSS
7.8
EPSS Score
97.29%
Published
2016-09-28
Updated
2019-12-27
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-07-06
Updated
2016-12-28
HP HP-UX B.11.11, B.11.23, and B.11.31, when the PAM configuration includes libpam_updbe, allows remote authenticated users to bypass authentication, and consequently execute arbitrary code, via unspecified vectors.
Max CVSS
8.5
EPSS Score
0.35%
Published
2014-12-10
Updated
2019-10-09
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Max CVSS
7.8
EPSS Score
95.80%
Published
2013-07-29
Updated
2019-04-22
Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-09-24
Updated
2017-09-19
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
Max CVSS
7.8
EPSS Score
3.27%
Published
2009-10-05
Updated
2017-09-19
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
7.8
EPSS Score
3.42%
Published
2008-12-11
Updated
2011-03-08
Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
7.8
EPSS Score
4.25%
Published
2008-08-08
Updated
2017-09-29
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
5.00%
Published
2007-12-24
Updated
2017-09-29
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-11-14
Updated
2017-09-29
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
Max CVSS
7.1
EPSS Score
4.73%
Published
2007-08-01
Updated
2017-09-29
Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors.
Max CVSS
7.1
EPSS Score
6.66%
Published
2007-01-19
Updated
2017-10-11
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-09-29
Updated
2018-10-17
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-07-03
Updated
2018-10-18
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-05-24
Updated
2018-10-18
Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-04-11
Updated
2018-10-18
Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
7.03%
Published
2006-03-25
Updated
2017-10-11
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-01-26
Updated
2017-10-11
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
Max CVSS
7.5
EPSS Score
1.86%
Published
2005-12-21
Updated
2018-10-19
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Max CVSS
7.8
EPSS Score
33.75%
Published
2005-12-17
Updated
2018-10-19
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2005-11-23
Updated
2017-10-11
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Max CVSS
7.8
EPSS Score
6.35%
Published
2005-11-18
Updated
2017-10-11
Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.
Max CVSS
7.5
EPSS Score
2.34%
Published
2005-11-16
Updated
2017-10-11
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2005-11-16
Updated
2017-10-11
113 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!