Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
11 CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormally

A specially crafted query sent to a BIND nameserver can cause it to crash (terminate abnormally). CVE: CVE-2013-4854 Document Version: 2.0 Posting date: 26 July 2013 Program Impacted: BIND Versions affected: Open source: 9.7.0->9.7.7, 9.8.0->9.8.5-P1,…

12 CVE-2013-4854: FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

13 CVE-2013-3919: FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

14 CVE-2013-3919: A recursive resolver can be crashed by a query for a malformed zone

A defect exists which allows an attacker to crash a BIND 9 recursive resolver with a RUNTIME_CHECK error in resolver.c CVE: CVE-2013-3919 Document Version: 1.1 Posting date: 04 Jun 2013 Program Impacted: BIND 9 Versions affected: BIND 9.6-ESV-R9, 9.8.5, and…

15 CVE-2013-2266: FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

16 CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns. CVE: CVE-2013-2266 Document Version: 2.0 Posting date: 26 March 2013 Program Impacted: BIND Versions affected: "Unix" versions…

17 CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ

ISC has learned of the potential for an error condition in BIND 9 that can cause a nameserver to terminate with an assertion failure when processing queries if it has been configured to use both DNS64 and Response Policy Zones (RPZ). CVE: CVE-2012-5689 Document…

18 CVE-2012-5688: BIND 9 servers using DNS64 can be crashed by a crafted query

A specific query can cause BIND nameservers using DNS64 to exit with a REQUIRE assertion failure. CVE: CVE-2012-5688 Document Version: 2.0 Posting date: 04 Dec 2012 Program Impacted: BIND Versions affected: 9.8.0->9.8.4, 9.9.0->9.9.2 Severity: Critical…

19 CVE-2012-5166 FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

20 CVE-2012-5166: Specially crafted DNS data can cause a lockup in named

A nameserver can be locked up if it can be induced to load a specially crafted combination of resource records. CVE: CVE-2012-5166 Document Version: 2.1 Posting date: 9 October 2012 Program Impacted: BIND Versions affected: 9.2.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1,…