Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
1 BIND 9 Security Vulnerability Matrix Featured

The BIND 9 Security Vulnerability Matrix is a tool to help DNS operators understand the current security risk for a given version of BIND. It has two parts: The first part is a table listing all of the vulnerabilities covered by this page. The first column…

2 CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash

When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors. CVE: CVE-2015-1349 Document Version: 2.0 Posting date: 18 Feb 2015 Program Impacted: BIND Versions affected: BIND 9.7.0…

3 CVE-2014-8680: Defects in GeoIP features can cause BIND to crash

Two defects have been identified in the GeoIP feature added in BIND 9.10 which, when triggered, cause BIND to exit with an assertion failure. CVE: CVE-2014-8680 Document Version: 2 .0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected:…

4 CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND

Failure to place limits on delegation chaining can allow an attacker to crash BIND or cause memory exhaustion. CVE: CVE-2014-8500 Document Version: 2.0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected: 9.0.x -> 9.8.x, 9.9.0 ->…

5 CVE-2014-3859: BIND named can crash due to a defect in EDNS printing processing

A specially crafted query sent to a BIND nameserver can cause it to crash with a REQUIRE assertion error. CVE: CVE-2014-3859 Document Version: 2.0 Posting date: 11 June 2014 Program Impacted: BIND Versions affected: 9.10.0, 9.10.0-P1 Severity: Critical Exploitable:…

6 CVE-2014-3214: A Defect in Prefetch Can Cause Recursive Servers to Crash

A defect in the prefetch feature can cause named to crash when handling some queries. CVE: CVE-2014-3214 Document Version: 2.0 Posting date: 8 May 2014 Program Impacted: BIND Versions affected: 9.10.0 Severity: High Exploitable: Remotely Description: A defect…

7 CVE-2014-0591: FAQ and Supplemental Information

This page provides supplemental information for the CVE-2014-0591 Security Advisory (CVE-2014-0591: A Crafted Query Against an NSEC3-signed Zone Can Crash BIND.) What causes this vulnerability? One of our developers writes: "The bug (which causes an INSIST…

8 CVE-2014-0591: A Crafted Query Against an NSEC3-signed Zone Can Crash BIND

An unintentional defect in the handling of NSEC3-signed zones can cause BIND to be crashed by a specific set of queries. CVE: CVE-2014-0591 Document Version: 2.0 Posting date: 13 Jan 2014 Program Impacted: BIND Versions affected: 9.6.0.x -> 9.6-ESV-R10-P1,…

9 CVE-2013-6230: A Winsock API Bug Can Cause a Side-Effect Affecting BIND ACLs

A Winsock library call on some Windows systems can return an incorrect value for an interface's netmask, potentially causing unexpected matches to BIND's built-in "localnets" Access Control List. CVE: CVE-2013-6230 Document Version: 2.0 Posting date: 06 November…

10 CVE-2013-6230: FAQ and Supplemental Information

This page provides supplemental information for the CVE-2013-6230 Security Advisory (https://kb.isc.org/article/AA-01062). Why aren't the Windows versions listed? At this time, we don't know which Microsoft Windows operating system versions or service pack…

1 2 3 4 Next