Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
11 CVE-2016-2088: A response containing multiple DNS cookies causes servers with cookie support enabled to exit with an assertion failure.

CVE: CVE-2016-2088 Document Version: 2.0 Posting date: 09 March 2016 Program Impacted: BIND Versions affected: 9.10.0 -> 9.10.3-P3 Severity: High Exploitable: Remotely Description: BIND 9.10 has preliminary support for DNS cookies (or source identity tokens),…

12 CVE-2016-1286: A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c

CVE: CVE-2016-1286 Document Version: 2.0 Posting date: 09 March 2016 Program Impacted: BIND Versions affected: 9.0.0 -> 9.8.8, 9.9.0 -> 9.9.8-P3, 9.9.3-S1 -> 9.9.8-S5, 9.10.0 -> 9.10.3-P3 Severity: High Exploitable: Remotely Description: An error…

13 CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c

CVE: CVE-2015-8704 Document Version: 2.0 Posting date: 19 January 2016 Program Impacted: BIND Versions affected: 9.3.0->9.8.8, 9.9.0->9.9.8-P2, 9.9.3-S1->9.9.8-S3, 9.10.0->9.10.3-P2 Severity: High Exploitable: Remotely Description: A buffer size…

14 CVE-2015-8705: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate.

CVE: CVE-2015-8705 Document Version: 2.0 Posting date: 19 January 2016 Program Impacted: BIND Versions affected: 9.10.0->9.10.3-P2 Severity: Medium Exploitable: Remotely Description: In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or…

15 CVE-2015-8461: A race condition when handling socket errors can lead to an assertion failure in resolver.c

CVE: CVE-2015-8461 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1 Severity: Medium Exploitable: Remotely Description: Beginning with the…

16 CVE-2015-8000: Responses with a malformed class attribute can trigger an assertion failure in db.c

CVE: CVE-2015-8000 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.0.x -> 9.9.8, 9.10.0 -> 9.10.3 Severity: Critical Exploitable: Remotely Description: An error in the parsing of incoming responses allows…

17 CVE-2015-5986: An incorrect boundary check can trigger a REQUIRE assertion failure in openpgpkey_61.c

CVE: CVE-2015-5986 Document Version: 2.0 Posting date: 02 September 2015 Program Impacted: BIND Versions affected: 9.9.7 -> 9.9.7-P2, 9.10.2 -> 9.10.2-P3. Severity: Critical Exploitable: Remotely Description: An incorrect boundary check in openpgpkey_61.c…

18 CVE-2015-5722: Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c

CVE: CVE-2015-5722 Document Version: 2.0 Posting date: 2 September 2015 Program Impacted: BIND Versions affected: BIND 9.0.0 -> 9.8.8, BIND 9.9.0 -> 9.9.7-P2, BIND 9.10.0 -> 9.10.2-P3 Severity: Critical Exploitable: Remotely Description: Parsing…

19 CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure

A deliberately constructed packet can exploit an error in the handling of queries for TKEY records, permitting denial of service. CVE: CVE-2015-5477 Document Version: 2.2 Posting date: 28 July 2015 Program Impacted: BIND Versions affected: 9.1.0 -> 9.8.x,…

20 CVE-2015-4620: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating

An attacker who can cause a validating resolver to query a zone containing specifically constructed contents can cause that resolver to fail an assertion and terminate due to a defect in validation code. CVE: CVE-2015-4620 Document Version: 2.0 Posting date:…