Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
1 BIND 9 Security Vulnerability Matrix Featured

The BIND 9 Security Vulnerability Matrix is a tool to help DNS operators understand the current security risk for a given version of BIND. It has two parts: The first part is a table listing all of the vulnerabilities covered by this page. The first column…

2 CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure

A deliberately constructed packet can exploit an error in the handling of queries for TKEY records, permitting denial of service. CVE: CVE-2015-5477 Document Version: 2.2 Posting date: 28 July 2015 Program Impacted: BIND Versions affected: 9.1.0 -> 9.8.x,…

3 CVE-2015-4620: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating

An attacker who can cause a validating resolver to query a zone containing specifically constructed contents can cause that resolver to fail an assertion and terminate due to a defect in validation code. CVE: CVE-2015-4620 Document Version: 2.0 Posting date:…

4 CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash

When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors. CVE: CVE-2015-1349 Document Version: 2.0 Posting date: 18 Feb 2015 Program Impacted: BIND Versions affected: BIND 9.7.0…

5 CVE-2014-8680: Defects in GeoIP features can cause BIND to crash

Two defects have been identified in the GeoIP feature added in BIND 9.10 which, when triggered, cause BIND to exit with an assertion failure. CVE: CVE-2014-8680 Document Version: 2 .0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected:…

6 CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND

Failure to place limits on delegation chaining can allow an attacker to crash BIND or cause memory exhaustion. CVE: CVE-2014-8500 Document Version: 2.0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected: 9.0.x -> 9.8.x, 9.9.0 ->…

7 CVE-2014-3859: BIND named can crash due to a defect in EDNS printing processing

A specially crafted query sent to a BIND nameserver can cause it to crash with a REQUIRE assertion error. CVE: CVE-2014-3859 Document Version: 2.0 Posting date: 11 June 2014 Program Impacted: BIND Versions affected: 9.10.0, 9.10.0-P1 Severity: Critical Exploitable:…

8 CVE-2014-3214: A Defect in Prefetch Can Cause Recursive Servers to Crash

A defect in the prefetch feature can cause named to crash when handling some queries. CVE: CVE-2014-3214 Document Version: 2.0 Posting date: 8 May 2014 Program Impacted: BIND Versions affected: 9.10.0 Severity: High Exploitable: Remotely Description: A defect…

9 CVE-2014-0591: FAQ and Supplemental Information

This page provides supplemental information for the CVE-2014-0591 Security Advisory (CVE-2014-0591: A Crafted Query Against an NSEC3-signed Zone Can Crash BIND.) What causes this vulnerability? One of our developers writes: "The bug (which causes an INSIST…

10 CVE-2014-0591: A Crafted Query Against an NSEC3-signed Zone Can Crash BIND

An unintentional defect in the handling of NSEC3-signed zones can cause BIND to be crashed by a specific set of queries. CVE: CVE-2014-0591 Document Version: 2.0 Posting date: 13 Jan 2014 Program Impacted: BIND Versions affected: 9.6.0.x -> 9.6-ESV-R10-P1,…

1 2 3 4 Next