Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-3145 | 5.0 |
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to
|
21-06-2023 - 18:19 | 16-01-2019 - 20:29 | |
CVE-2017-3139 | 5.0 |
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
|
14-05-2021 - 20:35 | 09-04-2019 - 18:29 | |
CVE-2016-2775 | 4.3 |
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight reso
|
25-08-2020 - 20:18 | 19-07-2016 - 22:59 | |
CVE-2017-3137 | 5.0 |
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which record
|
09-10-2019 - 23:27 | 16-01-2019 - 20:29 | |
CVE-2017-3143 | 4.3 |
An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. A
|
03-10-2019 - 00:03 | 16-01-2019 - 20:29 |