Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bind
(Isc)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 174 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-07-03 | CVE-2002-0651 | Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | Bind | N/A | ||
| 2002-06-18 | CVE-2002-0400 | ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | Bind | N/A | ||
| 2002-11-29 | CVE-2002-0029 | Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | Security_linux, Bind | N/A | ||
| 2001-02-12 | CVE-2001-0013 | Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | Bind | N/A | ||
| 2001-02-12 | CVE-2001-0012 | BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | Bind | N/A | ||
| 2001-02-12 | CVE-2001-0011 | Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | Bind | N/A | ||
| 2001-02-12 | CVE-2001-0010 | Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | Bind | N/A | ||
| 2000-12-11 | CVE-2000-1029 | Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query. | Bind | N/A | ||
| 2000-12-19 | CVE-2000-0887 | named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | Bind | N/A | ||
| 2000-05-03 | CVE-2000-0335 | The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | Glibc, Bind | N/A |