| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-2494 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
4.9 |
None |
Remote |
High |
Single system |
None |
None |
Complete |
|
libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266. |
|
2 |
CVE-2013-2266 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-04-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. |
|
3 |
CVE-2012-5689 |
|
|
DoS |
2013-01-25 |
2013-01-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. |
|
4 |
CVE-2012-5688 |
20 |
|
DoS |
2012-12-06 |
2012-12-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. |
|
5 |
CVE-2012-5166 |
189 |
|
DoS |
2012-10-10 |
2013-04-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. |
|
6 |
CVE-2012-4244 |
|
|
DoS |
2012-09-14 |
2013-04-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. |
|
7 |
CVE-2012-3955 |
|
|
DoS |
2012-09-14 |
2013-04-01 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. |
|
8 |
CVE-2012-3954 |
399 |
|
DoS |
2012-07-25 |
2013-04-10 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. |
|
9 |
CVE-2012-3868 |
362 |
|
DoS |
2012-07-25 |
2012-07-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. |
|
10 |
CVE-2012-3817 |
20 |
|
DoS |
2012-07-25 |
2013-04-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. |
|
11 |
CVE-2012-3571 |
119 |
|
DoS Overflow |
2012-07-25 |
2013-04-10 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. |
|
12 |
CVE-2012-3570 |
119 |
|
DoS Overflow |
2012-07-25 |
2013-04-10 |
5.7 |
None |
Local Network |
Medium |
Not required |
None |
None |
Complete |
|
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter. |
|
13 |
CVE-2012-3523 |
264 |
|
|
2012-11-11 |
2013-02-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. |
|
14 |
CVE-2012-1667 |
189 |
|
DoS Mem. Corr. +Info |
2012-06-05 |
2013-04-18 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. |
|
15 |
CVE-2012-1033 |
|
|
|
2012-02-08 |
2013-01-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. |
|
16 |
CVE-2011-4868 |
399 |
|
DoS |
2012-01-14 |
2012-01-17 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. |
|
17 |
CVE-2011-4539 |
20 |
|
DoS |
2011-12-08 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. |
|
18 |
CVE-2011-4313 |
|
|
DoS |
2011-11-29 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. |
|
19 |
CVE-2011-2749 |
20 |
|
DoS |
2011-08-15 |
2012-01-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. |
|
20 |
CVE-2011-2748 |
20 |
|
DoS |
2011-08-15 |
2012-01-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. |
|
21 |
CVE-2011-2465 |
|
|
DoS |
2011-07-08 |
2011-09-06 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query. |
|
22 |
CVE-2011-2464 |
|
|
DoS |
2011-07-08 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request. |
|
23 |
CVE-2011-1910 |
189 |
|
DoS |
2011-05-31 |
2011-10-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. |
|
24 |
CVE-2011-1907 |
399 |
|
DoS |
2011-05-09 |
2011-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query. |
|
25 |
CVE-2011-0997 |
20 |
|
Exec Code |
2011-04-08 |
2012-08-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. |
|
26 |
CVE-2011-0414 |
399 |
|
DoS |
2011-02-23 |
2013-01-21 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update. |
|
27 |
CVE-2011-0413 |
20 |
|
DoS |
2011-01-31 |
2011-03-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. |
|
28 |
CVE-2010-3762 |
20 |
|
DoS |
2010-10-05 |
2011-03-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query. |
|
29 |
CVE-2010-3616 |
20 |
|
DoS |
2010-12-17 |
2011-01-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520. |
|
30 |
CVE-2010-3615 |
264 |
|
|
2010-12-06 |
2011-01-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism. |
|
31 |
CVE-2010-3614 |
|
|
DoS |
2010-12-06 |
2011-10-20 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover. |
|
32 |
CVE-2010-3613 |
264 |
|
DoS |
2010-12-06 |
2011-10-20 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data. |
|
33 |
CVE-2010-3611 |
|
|
DoS |
2010-11-04 |
2011-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field. |
|
34 |
CVE-2010-2156 |
189 |
1
|
DoS |
2010-06-07 |
2010-07-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID. |
|
35 |
CVE-2010-0382 |
|
|
|
2010-01-22 |
2011-07-18 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022. |
|
36 |
CVE-2010-0290 |
|
|
|
2010-01-22 |
2011-07-18 |
4.0 |
None |
Remote |
High |
Not required |
None |
Partial |
Partial |
|
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022. |
|
37 |
CVE-2010-0218 |
264 |
|
+Info |
2010-10-05 |
2010-10-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query. |
|
38 |
CVE-2010-0213 |
|
|
DoS |
2010-07-28 |
2010-12-07 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers. |
|
39 |
CVE-2010-0097 |
|
|
|
2010-01-22 |
2011-10-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain. |
|
40 |
CVE-2009-4022 |
|
|
|
2009-11-25 |
2011-10-27 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438. |
|
41 |
CVE-2009-1893 |
59 |
|
|
2009-07-17 |
2010-08-21 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command. |
|
42 |
CVE-2009-1892 |
16 |
|
DoS |
2009-07-17 |
2009-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests. |
|
43 |
CVE-2009-0696 |
16 |
|
DoS |
2009-07-29 |
2011-07-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009. |
|
44 |
CVE-2009-0692 |
119 |
|
Exec Code Overflow |
2009-07-14 |
2010-08-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. |
|
45 |
CVE-2009-0265 |
287 |
|
Bypass |
2009-01-26 |
2009-02-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025. |
|
46 |
CVE-2009-0025 |
287 |
|
Bypass |
2009-01-07 |
2012-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. |
|
47 |
CVE-2008-4163 |
20 |
|
DoS |
2008-09-22 |
2009-08-19 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. |
|
48 |
CVE-2008-1447 |
|
3
|
|
2008-07-08 |
2013-05-14 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." |
|
49 |
CVE-2008-0122 |
189 |
|
DoS Exec Code Mem. Corr. |
2008-01-15 |
2011-08-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. |
|
50 |
CVE-2007-2930 |
|
|
|
2007-09-11 |
2008-12-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926. |
