| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in BIND 8.2 via NXT records. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. |
| Denial of service in BIND named via maxdname. |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| Buffer overflow in INN inews program. |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
| Remote access in AIX innd 1.5.1, using control messages. |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. |
| If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem.
This issue affects Kea versions 2.7.1 through 2.7.9, 3.0.0, and 3.1.0. |
| Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion.
This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1. |
| If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server.
This issue affects Stork versions 1.0.0 through 2.3.0. |
| A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack.
This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1. |
| When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure.
This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7. |
