"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Max CVSS
7.5
EPSS Score
95.32%
Published
2019-01-16
Updated
2022-04-12
CVE-2016-2776
Public exploit
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Max CVSS
7.8
EPSS Score
97.25%
Published
2016-09-28
Updated
2019-12-27
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-07-06
Updated
2016-12-28
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
Max CVSS
7.8
EPSS Score
95.47%
Published
2013-07-29
Updated
2019-04-22
Unspecified vulnerability in Role-Based Access Control (RBAC) in HP HP-UX B.11.23 and B.11.31 allows local users to bypass intended access restrictions via unknown vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2009-09-24
Updated
2017-09-19
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
Max CVSS
7.8
EPSS Score
3.27%
Published
2009-10-05
Updated
2017-09-19
Unspecified vulnerability in DCE in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
7.8
EPSS Score
3.69%
Published
2008-12-11
Updated
2011-03-08
Unspecified vulnerability in libc on HP HP-UX B.11.23 and B.11.31 allows remote attackers to cause a denial of service via unknown vectors.
Max CVSS
7.8
EPSS Score
4.25%
Published
2008-08-08
Updated
2017-09-29
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
5.00%
Published
2007-12-24
Updated
2017-09-29
Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 platform allows local users to obtain unspecified access.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-11-14
Updated
2017-09-29
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors.
Max CVSS
7.1
EPSS Score
4.73%
Published
2007-08-01
Updated
2017-09-29
Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, allows remote attackers to cause a denial of service (system crash) via unspecified vectors.
Max CVSS
7.1
EPSS Score
6.66%
Published
2007-01-19
Updated
2017-10-11
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-09-29
Updated
2018-10-17
Unspecified vulnerability in mkdir in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-07-03
Updated
2018-10-18
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-05-24
Updated
2018-10-18
Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-04-11
Updated
2018-10-18
Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
7.03%
Published
2006-03-25
Updated
2017-10-11
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-01-26
Updated
2017-10-11
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
Max CVSS
7.5
EPSS Score
1.86%
Published
2005-12-21
Updated
2018-10-19
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
Max CVSS
7.8
EPSS Score
31.91%
Published
2005-12-17
Updated
2018-10-19
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2005-11-23
Updated
2017-10-11
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in HP HP-UX B.11.00, B.11.11, and B.11.23 running IPSec, HP Jetdirect 635n IPv6/IPsec Print Server, and HP Tru64 UNIX 5.1B-3 and 5.1B-2/PK4, allow remote attackers to cause a denial of service via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the HP advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Max CVSS
7.8
EPSS Score
6.35%
Published
2005-11-18
Updated
2017-10-11
Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors.
Max CVSS
7.5
EPSS Score
2.34%
Published
2005-11-16
Updated
2017-10-11
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2005-11-16
Updated
2017-10-11
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-10-11