Knowledge Base ISC Main Website Ask a Question/Contact ISC
Quick Jump Menu
21 CVE-2013-3919: FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

22 CVE-2013-3919: A recursive resolver can be crashed by a query for a malformed zone

A defect exists which allows an attacker to crash a BIND 9 recursive resolver with a RUNTIME_CHECK error in resolver.c CVE: CVE-2013-3919 Document Version: 1.1 Posting date: 04 Jun 2013 Program Impacted: BIND 9 Versions affected: BIND 9.6-ESV-R9, 9.8.5, and…

23 CVE-2013-2266: FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

24 CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns. CVE: CVE-2013-2266 Document Version: 2.0 Posting date: 26 March 2013 Program Impacted: BIND Versions affected: "Unix" versions…

25 CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ

ISC has learned of the potential for an error condition in BIND 9 that can cause a nameserver to terminate with an assertion failure when processing queries if it has been configured to use both DNS64 and Response Policy Zones (RPZ). CVE: CVE-2012-5689 Document…

26 CVE-2012-5688: BIND 9 servers using DNS64 can be crashed by a crafted query

A specific query can cause BIND nameservers using DNS64 to exit with a REQUIRE assertion failure. CVE: CVE-2012-5688 Document Version: 2.0 Posting date: 04 Dec 2012 Program Impacted: BIND Versions affected: 9.8.0->9.8.4, 9.9.0->9.9.2 Severity: Critical…

27 CVE-2012-5166 FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…

28 CVE-2012-5166: Specially crafted DNS data can cause a lockup in named

A nameserver can be locked up if it can be induced to load a specially crafted combination of resource records. CVE: CVE-2012-5166 Document Version: 2.1 Posting date: 9 October 2012 Program Impacted: BIND Versions affected: 9.2.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1,…

29 CVE-2012-4244: A specially crafted Resource Record could cause named to terminate

A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record. CVE: CVE-2012-4244 Document Version: 2.0 Posting date: 12 September 2012 Program Impacted: BIND Versions affected: 9.0.x -> 9.6.x,…

30 CVE-2012-3817 FAQ and Supplemental Information

About This Document For up to date information on this vulnerability, patches, and other operational information, please see the official vulnerability announcement. This article is intended to supplement the information in that announcement and will be updated…