| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2013-2266 | 119 | | DoS Overflow | 2013-03-28 | 2013-04-10 | 7.8 | None | Remote | Low | Not required | None | None | Complete | libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. |
| 2 | CVE-2012-5689 | | | DoS | 2013-01-25 | 2013-01-30 | 7.1 | None | Remote | Medium | Not required | None | None | Complete | ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. |
| 3 | CVE-2012-5688 | 20 | | DoS | 2012-12-06 | 2012-12-18 | 7.8 | None | Remote | Low | Not required | None | None | Complete | ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. |
| 4 | CVE-2012-5166 | 189 | | DoS | 2012-10-10 | 2013-04-18 | 7.8 | None | Remote | Low | Not required | None | None | Complete | ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. |
| 5 | CVE-2012-4244 | | | DoS | 2012-09-14 | 2013-04-18 | 7.8 | None | Remote | Low | Not required | None | None | Complete | ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record. |
| 6 | CVE-2012-3955 | | | DoS | 2012-09-14 | 2013-04-01 | 7.1 | None | Remote | Medium | Not required | None | None | Complete | ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. |
| 7 | CVE-2012-3817 | 20 | | DoS | 2012-07-25 | 2013-04-18 | 7.8 | None | Remote | Low | Not required | None | None | Complete | ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries. |
| 8 | CVE-2011-2749 | 20 | | DoS | 2011-08-15 | 2012-01-04 | 7.8 | None | Remote | Low | Not required | None | None | Complete | The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. |
| 9 | CVE-2011-2748 | 20 | | DoS | 2011-08-15 | 2012-01-04 | 7.8 | None | Remote | Low | Not required | None | None | Complete | The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. |
| 10 | CVE-2011-0997 | 20 | | Exec Code | 2011-04-08 | 2012-08-13 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. |
| 11 | CVE-2011-0414 | 399 | | DoS | 2011-02-23 | 2013-01-21 | 7.1 | None | Remote | Medium | Not required | None | None | Complete | ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update. |
| 12 | CVE-2011-0413 | 20 | | DoS | 2011-01-31 | 2011-03-10 | 7.8 | None | Remote | Low | Not required | None | None | Complete | The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. |
| 13 | CVE-2010-0382 | | | | 2010-01-22 | 2011-07-18 | 7.6 | None | Remote | High | Not required | Complete | Complete | Complete | ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022. |
| 14 | CVE-2008-4163 | 20 | | DoS | 2008-09-22 | 2009-08-19 | 7.8 | None | Remote | Low | Not required | None | None | Complete | Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors. |
| 15 | CVE-2007-2241 | | | DoS | 2007-05-02 | 2008-11-13 | 7.1 | None | Remote | Medium | Not required | None | None | Complete | Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. |
| 16 | CVE-2007-0493 | | | DoS | 2007-01-25 | 2010-09-15 | 7.8 | None | Remote | Low | Not required | None | None | Complete | Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." |
| 17 | CVE-2006-0527 | 264 | | +Priv | 2006-02-02 | 2011-05-18 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. |
| 18 | CVE-2004-0045 | | | Exec Code Overflow | 2004-02-03 | 2008-09-05 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. |
| 19 | CVE-2003-0026 | | | Exec Code Overflow | 2003-01-17 | 2008-09-10 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. |
| 20 | CVE-2002-1219 | | | Exec Code Overflow | 2002-11-29 | 2008-09-10 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). |
| 21 | CVE-2002-0684 | | | Exec Code Overflow | 2002-08-12 | 2008-09-05 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. |
| 22 | CVE-2002-0651 | | | DoS Exec Code Overflow | 2002-07-03 | 2008-09-05 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. |
| 23 | CVE-2002-0029 | | | Exec Code Overflow | 2002-11-29 | 2008-09-10 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. |
| 24 | CVE-2000-0335 | | | | 2000-05-03 | 2008-09-10 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. |
| 25 | CVE-1999-0868 | | | Exec Code | 1997-02-20 | 2008-09-09 | 7.2 | Admin | Local | Low | Not required | Complete | Complete | Complete | ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| 26 | CVE-1999-0833 | | | Overflow | 1999-11-10 | 2008-09-09 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in BIND 8.2 via NXT records. |
| 27 | CVE-1999-0808 | | | DoS Exec Code Overflow | 1999-12-31 | 2008-09-05 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options. |
| 28 | CVE-1999-0785 | | | +Priv | 1999-05-11 | 2008-09-09 | 7.2 | Admin | Local | Low | Not required | Complete | Complete | Complete | The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. |
| 29 | CVE-1999-0706 | | | +Priv | 2000-04-27 | 2008-09-09 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| 30 | CVE-1999-0705 | | | Overflow | 1999-09-01 | 2008-09-09 | 7.5 | User | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in INN inews program. |
| 31 | CVE-1999-0247 | | | Exec Code Overflow | 1997-07-21 | 2008-09-09 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |