Filtered by vendor Isc
Subscribe
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5689 | 3 Canonical, Isc, Redhat | 8 Ubuntu Linux, Bind, Enterprise Linux Desktop and 5 more | 2016-08-19 | 7.1 HIGH | N/A |
| ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. | |||||
| CVE-2010-0213 | 1 Isc | 1 Bind | 2016-04-04 | 2.6 LOW | N/A |
| BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers. | |||||
| CVE-2010-3615 | 1 Isc | 1 Bind | 2016-04-04 | 5.0 MEDIUM | N/A |
| named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism. | |||||
| CVE-2010-0218 | 1 Isc | 1 Bind | 2016-04-04 | 5.0 MEDIUM | N/A |
| ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query. | |||||
| CVE-2012-3868 | 1 Isc | 1 Bind | 2013-11-25 | 4.3 MEDIUM | N/A |
| Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries. | |||||
| CVE-2013-2494 | 1 Isc | 1 Dhcp | 2013-03-29 | 4.9 MEDIUM | N/A |
| libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266. | |||||
| CVE-2012-3523 | 1 Isc | 1 Inn | 2013-02-22 | 6.8 MEDIUM | N/A |
| The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. | |||||
| CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2011-06-13 | 5.0 MEDIUM | N/A |
| The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | |||||
| CVE-2010-3616 | 1 Isc | 1 Dhcp | 2011-01-19 | 5.0 MEDIUM | N/A |
| ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520. | |||||
| CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
| CVE-2002-0400 | 1 Isc | 1 Bind | 2008-09-10 | 5.0 MEDIUM | N/A |
| ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | |||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0010 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0012 | 1 Isc | 1 Bind | 2008-09-10 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2000-0360 | 1 Isc | 1 Inn | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2008-09-10 | 7.5 HIGH | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
| CVE-1999-0849 | 1 Isc | 1 Bind | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in BIND named via maxdname. | |||||
| CVE-1999-0785 | 1 Isc | 1 Inn | 2008-09-09 | 7.2 HIGH | N/A |
| The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. | |||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in INN inews program. | |||||