Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
21 CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c

CVE: CVE-2015-8704 Document Version: 2.0 Posting date: 19 January 2016 Program Impacted: BIND Versions affected: 9.3.0->9.8.8, 9.9.0->9.9.8-P2, 9.9.3-S1->9.9.8-S3, 9.10.0->9.10.3-P2 Severity: High Exploitable: Remotely Description: A buffer size…

22 CVE-2015-8705: Problems converting OPT resource records and ECS options to text format can cause BIND to terminate.

CVE: CVE-2015-8705 Document Version: 2.0 Posting date: 19 January 2016 Program Impacted: BIND Versions affected: 9.10.0->9.10.3-P2 Severity: Medium Exploitable: Remotely Description: In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or…

23 CVE-2015-8461: A race condition when handling socket errors can lead to an assertion failure in resolver.c

CVE: CVE-2015-8461 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.9.8 -> 9.9.8-P1, 9.9.8-S1 -> 9.9.8-S2, 9.10.3 -> 9.10.3-P1 Severity: Medium Exploitable: Remotely Description: Beginning with the…

24 CVE-2015-8000: Responses with a malformed class attribute can trigger an assertion failure in db.c

CVE: CVE-2015-8000 Document Version: 2.0 Posting date: 15 December 2015 Program Impacted: BIND Versions affected: 9.0.x -> 9.9.8, 9.10.0 -> 9.10.3 Severity: Critical Exploitable: Remotely Description: An error in the parsing of incoming responses allows…

25 CVE-2015-5986: An incorrect boundary check can trigger a REQUIRE assertion failure in openpgpkey_61.c

CVE: CVE-2015-5986 Document Version: 2.0 Posting date: 02 September 2015 Program Impacted: BIND Versions affected: 9.9.7 -> 9.9.7-P2, 9.10.2 -> 9.10.2-P3. Severity: Critical Exploitable: Remotely Description: An incorrect boundary check in openpgpkey_61.c…

26 CVE-2015-5722: Parsing malformed keys may cause BIND to exit due to a failed assertion in buffer.c

CVE: CVE-2015-5722 Document Version: 2.0 Posting date: 2 September 2015 Program Impacted: BIND Versions affected: BIND 9.0.0 -> 9.8.8, BIND 9.9.0 -> 9.9.7-P2, BIND 9.10.0 -> 9.10.2-P3 Severity: Critical Exploitable: Remotely Description: Parsing…

27 CVE-2015-5477: An error in handling TKEY queries can cause named to exit with a REQUIRE assertion failure

A deliberately constructed packet can exploit an error in the handling of queries for TKEY records, permitting denial of service. CVE: CVE-2015-5477 Document Version: 2.2 Posting date: 28 July 2015 Program Impacted: BIND Versions affected: 9.1.0 -> 9.8.x,…

28 CVE-2015-4620: Specially Constructed Zone Data Can Cause a Resolver to Crash when Validating

An attacker who can cause a validating resolver to query a zone containing specifically constructed contents can cause that resolver to fail an assertion and terminate due to a defect in validation code. CVE: CVE-2015-4620 Document Version: 2.0 Posting date:…

29 CVE-2015-1349: A Problem with Trust Anchor Management Can Cause named to Crash

When configured to perform DNSSEC validation, named can crash when encountering a rare set of conditions in the managed trust anchors. CVE: CVE-2015-1349 Document Version: 2.0 Posting date: 18 Feb 2015 Program Impacted: BIND Versions affected: BIND 9.7.0…

30 CVE-2014-8680: Defects in GeoIP features can cause BIND to crash

Two defects have been identified in the GeoIP feature added in BIND 9.10 which, when triggered, cause BIND to exit with an assertion failure. CVE: CVE-2014-8680 Document Version: 2 .0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected:…