ISC : Security Vulnerabilities, CVEs, Published In 2007 CVSS score >= 5
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
Max CVSS
5.8
EPSS Score
0.94%
Published
2007-07-24
Updated
2018-10-30
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
Max CVSS
7.1
EPSS Score
5.69%
Published
2007-05-02
Updated
2018-10-30
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
Max CVSS
7.8
EPSS Score
19.90%
Published
2007-01-25
Updated
2023-02-13
3 vulnerabilities found