BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
Max CVSS
5.0
EPSS Score
5.35%
Published
2002-11-29
Updated
2018-05-03
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
Max CVSS
5.0
EPSS Score
15.20%
Published
2002-11-29
Updated
2018-05-03
2 vulnerabilities found