Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
11 CVE-2015-8461: A race condition when handling socket errors can lead to an assertion failure in resolver.c

CVE: CVE-2015-8461 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1 Severity: Medium Exploitable: Remotely Description: Beginning with the…

12 CVE-2015-8000: Responses with a malformed class attribute can trigger an assertion failure in db.c

CVE: CVE-2015-8000 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.0.x -> 9.9.8, 9.10.0 -> 9.10.3 Severity: Critical Exploitable: Remotely Description: An error in the parsing of incoming responses allows…

13 CVE-2015-5986: An incorrect boundary check can trigger a REQUIRE assertion failure in openpgpkey_61.c

CVE: CVE-2015-5986 Document Version: 2.0 Posting date: 02 September 2015 Program Impacted: BIND Versions affected: 9.9.7 -> 9.9.7-P2, 9.10.2 -> 9.10.2-P3. Severity: Critical Exploitable: Remotely Description: An incorrect boundary check in openpgpkey_61.c…

14 CVE-2015-5722: Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c

CVE: CVE-2015-5722 Document Version: 2.0 Posting date: 2 September 2015 Program Impacted: BIND Versions affected: BIND 9.0.0 -> 9.8.8, BIND 9.9.0 -> 9.9.7-P2, BIND 9.10.0 -> 9.10.2-P3 Severity: Critical Exploitable: Remotely Description: Parsing…

15 CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure

A deliberately constructed packet can exploit an error in the handling of queries for TKEY records, permitting denial of service. CVE: CVE-2015-5477 Document Version: 2.2 Posting date: 28 July 2015 Program Impacted: BIND Versions affected: 9.1.0 -> 9.8.x,…

16 CVE-2015-4620: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating

An attacker who can cause a validating resolver to query a zone containing specifically constructed contents can cause that resolver to fail an assertion and terminate due to a defect in validation code. CVE: CVE-2015-4620 Document Version: 2.0 Posting date:…

17 CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash

When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors. CVE: CVE-2015-1349 Document Version: 2.0 Posting date: 18 Feb 2015 Program Impacted: BIND Versions affected: BIND 9.7.0…

18 CVE-2014-8680: Defects in GeoIP features can cause BIND to crash

Two defects have been identified in the GeoIP feature added in BIND 9.10 which, when triggered, cause BIND to exit with an assertion failure. CVE: CVE-2014-8680 Document Version: 2 .0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected:…

19 CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND

Failure to place limits on delegation chaining can allow an attacker to crash BIND or cause memory exhaustion. CVE: CVE-2014-8500 Document Version: 2.0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected: 9.0.x -> 9.8.x, 9.9.0 ->…

20 CVE-2014-3859: BIND named can crash due to a defect in EDNS printing processing

A specially crafted query sent to a BIND nameserver can cause it to crash with a REQUIRE assertion error. CVE: CVE-2014-3859 Document Version: 2.0 Posting date: 11 June 2014 Program Impacted: BIND Versions affected: 9.10.0, 9.10.0-P1 Severity: Critical Exploitable:…