ISC : Security Vulnerabilities, CVEs, Published In 2006 CVSS score >= 4
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
Max CVSS
5.0
EPSS Score
20.49%
Published
2006-09-06
Updated
2018-10-17
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.
Max CVSS
7.5
EPSS Score
7.61%
Published
2006-09-06
Updated
2024-02-15
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."
Max CVSS
5.0
EPSS Score
88.16%
Published
2006-08-09
Updated
2011-06-13
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
Max CVSS
5.0
EPSS Score
8.16%
Published
2006-04-27
Updated
2017-07-20
CVE-2006-0987
Public exploit
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
Max CVSS
5.0
EPSS Score
1.57%
Published
2006-03-03
Updated
2018-10-18
BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack.
Max CVSS
7.5
EPSS Score
5.94%
Published
2006-02-02
Updated
2018-10-19
6 vulnerabilities found