ISC : Security Vulnerabilities, CVEs, CVSS score between 5 and 5.99
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Max CVSS: 5.0 | EPSS Score: 0.29% | Published: 1998-04-08 | Updated: 2018-10-30
DNS cache poisoning via BIND, by predictable query IDs.
Max CVSS: 5.0 | EPSS Score: 0.75% | Published: 1997-08-13 | Updated: 2022-08-17
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
Max CVSS: 5.0 | EPSS Score: 0.33% | Published: 1999-11-10 | Updated: 2018-10-30
Denial of service in BIND named via maxdname.
Max CVSS: 5.0 | EPSS Score: 0.30% | Published: 1999-11-10 | Updated: 2008-09-09
Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article.
Max CVSS: 5.0 | EPSS Score: 0.65% | Published: 2000-10-20 | Updated: 2008-09-10
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
Max CVSS: 5.0 | EPSS Score: 10.09% | Published: 2000-12-19 | Updated: 2018-05-03
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
Max CVSS: 5.0 | EPSS Score: 1.30% | Published: 2000-12-19 | Updated: 2020-12-09
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
Max CVSS: 5.0 | EPSS Score: 0.71% | Published: 2001-02-12 | Updated: 2008-09-10
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
Max CVSS: 5.0 | EPSS Score: 11.23% | Published: 2002-06-18 | Updated: 2008-09-10
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
Max CVSS: 5.0 | EPSS Score: 15.20% | Published: 2002-11-29 | Updated: 2018-05-03
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
Max CVSS: 5.0 | EPSS Score: 5.35% | Published: 2002-11-29 | Updated: 2018-05-03
BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Max CVSS: 5.0 | EPSS Score: 1.94% | Published: 2002-12-31 | Updated: 2018-10-19
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Max CVSS: 5.0 | EPSS Score: 0.29% | Published: 2002-12-31 | Updated: 2008-09-05
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Max CVSS: 5.0 | EPSS Score: 0.25% | Published: 2002-12-31 | Updated: 2008-09-05
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.
Max CVSS: 5.0 | EPSS Score: 4.43% | Published: 2003-02-07 | Updated: 2017-10-10
Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses.
Max CVSS: 5.0 | EPSS Score: 3.41% | Published: 2005-05-02 | Updated: 2017-07-11
CVE-2006-0987
Public exploit
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
Max CVSS: 5.0 | EPSS Score: 1.57% | Published: 2006-03-03 | Updated: 2018-10-18
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
Max CVSS: 5.0 | EPSS Score: 8.16% | Published: 2006-04-27 | Updated: 2017-07-20
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."
Max CVSS: 5.0 | EPSS Score: 88.16% | Published: 2006-08-09 | Updated: 2011-06-13
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
Max CVSS: 5.0 | EPSS Score: 20.49% | Published: 2006-09-06 | Updated: 2018-10-17
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
Max CVSS: 5.8 | EPSS Score: 1.02% | Published: 2007-07-24 | Updated: 2018-10-30
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
Max CVSS: 5.0 | EPSS Score: 7.30% | Published: 2009-07-17 | Updated: 2017-08-17
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
Max CVSS: 5.0 | EPSS Score: 0.26% | Published: 2010-10-05 | Updated: 2016-04-04
CVE-2010-2156
Public exploit
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
Max CVSS: 5.0 | EPSS Score: 96.68% | Published: 2010-06-07 | Updated: 2017-08-17
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
Max CVSS: 5.0 | EPSS Score: 2.45% | Published: 2010-12-06 | Updated: 2016-04-04