CRITICAL9.8CVE-2026-3593A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. from 0, < 1:9.20.23-1~deb13u1
CRITICAL9.8CVE-2021-25216In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Previe… from 0, < 1:9.16.15-1
HIGH8.6In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to p…
from 0, < 1:9.16.50-1~deb11u4
HIGH8.6bind9 - security update
from 0, < 1:9.18.41-1~deb12u1
HIGH8.6bind9 - security update
from 0, < 1:9.16.50-1~deb11u4
HIGH8.6bind9 - security update
from 0, < 1:9.16.50-1~deb11u4
HIGH8.6bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u19
HIGH8.6bind9 - security update
from 0, < 1:9.16.3-1
HIGH8.6bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u6
HIGH8.6named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure a…
from 0, < 1:9.10.3.dfsg.P4-6
HIGH8.2The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.
from 0
HIGH8.1bind9 - security update
from 0, < 1:9.16.12-1
HIGH8.1bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u3
HIGH8.1bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u8
HIGH7.5Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `C…
from 0
HIGH7.5BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when re…
from 0
HIGH7.5A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.
from 0, < 1:9.20.21-1~deb13u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.50-1~deb11u5
HIGH7.5bind9 - security update
from 0, < 1:9.18.47-1~deb12u1
HIGH7.5bind9 - security update
from 0, < 1:9.18.44-1~deb12u1
HIGH7.5bind9 - security update
from 0, < 1:9.18.44-1~deb12u1
HIGH7.5Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion.
from 0, < 1:9.16.50-1~deb11u4
HIGH7.5If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only al…
from 0
HIGH7.5When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it.
from 0, < 1:9.20.9-1
HIGH7.5Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traff…
from 0, < 1:9.18.33-1~deb12u2
HIGH7.5bind9 - security update
from 0, < 1:9.18.33-1~deb12u2
HIGH7.5bind9 - security update
from 0, < 1:9.16.50-1~deb11u3
HIGH7.5bind9 - security update
from 0, < 1:9.16.50-1~deb11u3
HIGH7.5Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion fa…
from 0, < 1:9.16.50-1~deb11u1
HIGH7.5If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed do…
from 0, < 1:9.16.50-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.50-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.50-1~deb11u1
HIGH7.5A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress.
from 0, < 1:9.18.28-1~deb12u1
HIGH7.5The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a de…
from 0, < 1:9.16.48-1
HIGH7.5pdns-recursor - security update
from 0, < 1:9.16.48-1
HIGH7.5pdns-recursor - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u11
HIGH7.5To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database.
from 0, < 1:9.16.48-1
HIGH7.5A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both…
from 0, < 1:9.16.48-1
HIGH7.5A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is conf…
from 0, < 1:9.16.48-1
HIGH7.5bind9 - security update
from 0, < 1:9.16.48-1
HIGH7.5bind9 - security update
from 0, < 1:9.16.48-1
HIGH7.5A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure.
from 0, < 1:9.18.19-1~deb12u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.44-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u10
HIGH7.5bind9 - security update
from 0, < 1:9.16.44-1~deb11u1
HIGH7.5If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-t…
from 0, < 1:9.16.42-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.42-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u9
HIGH7.5bind9 - security update
from 0, < 1:9.16.42-1~deb11u1
HIGH7.5This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, conf…
from 0, < 1:9.16.37-1~deb11u1
HIGH7.5BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer…
from 0, < 1:9.16.37-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.37-1~deb11u1
HIGH7.5bind9 - security update
from 0, < 1:9.16.37-1~deb11u1
HIGH7.5By sending specific queries to the resolver, an attacker can cause named to crash.
from 0, < 1:9.16.33-1~deb11u1
HIGH7.5By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
from 0, < 1:9.16.33-1~deb11u1
HIGH7.5By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.
from 0, < 1:9.16.33-1~deb11u1
HIGH7.5An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources.
from 0, < 1:9.18.7-1
HIGH7.5On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure.
from 0, < 1:9.18.3-1
HIGH7.5Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually…
from 0, < 1:9.18.1-1
HIGH7.5When the vulnerability is triggered the BIND process will exit.
from 0, < 1:9.18.1-1
HIGH7.5In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…
from 0, < 1:9.16.15-1
HIGH7.5In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition…
from 0, < 1:9.16.6-1
HIGH7.5In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who…
from 0, < 1:9.16.6-1
HIGH7.5In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection…
from 0, < 1:9.16.6-1
HIGH7.5With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via T…
from 0, < 1:9.11.14+dfsg-1
HIGH7.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u20
HIGH7.5bind9 - security update
from 0, < 1:9.9.3.dfsg.P2-1
HIGH7.5A failure to free memory can occur when processing messages having a specific combination of EDNS options.
from 0, < 1:9.11.5.P4+dfsg-1
HIGH7.5bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u18
HIGH7.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u5
HIGH7.5bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-4
HIGH7.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u10
HIGH7.5bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u16
HIGH7.5bind9 - security update
from 0, < 1:9.11.4.P1+dfsg-1
HIGH7.5Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which cli…
from 0, < 1:9.11.3+dfsg-2
HIGH7.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u19
HIGH7.5bind9 - security update
from 0, < 1:9.11.2.P1-1
HIGH7.5bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u15
HIGH7.5Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lea…
from 0, < 1:9.10.3.dfsg.P4-12.3
HIGH7.5named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of se…
from 0, < 1:9.10.3.dfsg.P4-11
HIGH7.5named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and…
from 0, < 1:9.10.3.dfsg.P4-11
HIGH7.5bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u9
HIGH7.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-11
HIGH7.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u14
HIGH7.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u13
HIGH7.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-11
HIGH7.5bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u8
HIGH7.5bind9 - security update
from 0, < 1:9.9.3.dfsg.P2-1
HIGH7.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u12
HIGH7.5buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses…
from 0, < 1:9.10.3.dfsg.P4-11
HIGH7.5bind9 - programming error
from 0, < 1:9.3.2-P1-1
HIGH7.5bind9 - programming error
from 0, < 1:9.2.4-1sarge1
MEDIUM6.8bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u7
MEDIUM6.8bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u11
MEDIUM6.8bind9 - security update
from 0, < 1:9.16.27-1~deb11u1
MEDIUM6.8bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u10
MEDIUM6.8bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-6
MEDIUM6.8bind9 - cache poisoning
from 0, < 1:9.5.0.dfsg-5
MEDIUM6.8bind9 - cache poisoning
from 0, < 1:9.4.2-10+lenny1
MEDIUM6.8bind9 - cache poisoning
from 0, < 1:9.3.4-2etch3
MEDIUM6.5Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record.
from 0, < 1:9.20.21-1~deb13u1
MEDIUM6.5bind9 - security update
from 0, < 1:9.16.15-1
MEDIUM6.5bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u5
MEDIUM6.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u9
MEDIUM6.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u7
MEDIUM6.5bind9 - security update
from 0, < 1:9.16.6-1
MEDIUM6.5To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called u…
from 0, < 1:9.11.5+dfsg-1
MEDIUM6.5ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (s…
from 0, < 1:9.10.6+dfsg-1
MEDIUM6.5bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze19
MEDIUM6.5bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-6
MEDIUM6.5bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u9
MEDIUM5.9Undefined behavior may result due to a race condition leading to a use-after-free violation.
from 0, < 1:9.20.23-1~deb13u1
MEDIUM5.9Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or…
from 0, < 1:9.16.3-1
MEDIUM5.9A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatc…
from 0, < 1:9.11.5.P4+dfsg-5.1
MEDIUM5.9An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the…
from 0, < 1:9.10.3.dfsg.P4-12.4
MEDIUM5.9bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.3
MEDIUM5.9bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u16
MEDIUM5.9bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u11
MEDIUM5.9bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u15
MEDIUM5.9bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12
MEDIUM5.9bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u10
MEDIUM5.9bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u11
MEDIUM5.9bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u7
MEDIUM5.9bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-11
MEDIUM5.4A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0).
from 0, < 1:9.20.21-1~deb13u1
MEDIUM5.3An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenti…
from 0
MEDIUM5.3BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack.
from 0
MEDIUM5.3bind9 - security update
from 0, < 1:9.16.33-1~deb11u1
MEDIUM5.3bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u8
MEDIUM5.3bind9 - security update
from 0, < 1:9.16.33-1~deb11u1
MEDIUM5.3BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition.
from 0, < 1:9.16.27-1~deb11u1
MEDIUM5.3bind9 - security update
from 0, < 1:9.16.22-1~deb11u1
MEDIUM5.3bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u6
MEDIUM5.3Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: B…
from 0, < 1:9.11.5.P4+dfsg-1
MEDIUM5.3named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a contr…
from 0, < 1:9.10.3.dfsg.P4-12.3
MEDIUM4.9bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u2
MEDIUM4.9bind9 - security update
from 0, < 1:9.16.4-1
MEDIUM4.9An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failur…
from 0, < 1:9.16.4-1
MEDIUM4.9bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u17
MEDIUM4.9bind9 - security update
from 0, < 1:9.11.5.P4+dfsg-1
MEDIUM4.3In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.1…
from 0, < 1:9.16.6-1
LOW3.7bind9 - security update
from 0, < 1:9.9.5.dfsg-9+deb8u12
LOW3.7bind9 - security update
from 0, < 1:9.10.3.dfsg.P4-12.4
LOW3.7bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u17
—bind9 - security update
from 0, < 1:9.9.5.dfsg-12.1
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u8
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze18
—bind9 - security update
from 0, < 1:9.9.5.dfsg-12
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u7
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze17
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze16
—bind9 - security update
from 0, < 1:9.9.5.dfsg-11
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u6
—bind9 - security update
from 0, < 9.7.3.dfsg-1~squeeze15
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u5
—bind9 - security update
from 0, < 1:9.9.5.dfsg-10
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze14
—bind9 - security update
from 0, < 1:9.9.5.dfsg-9
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u4
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u3
—bind9 - security update
from 0, < 1:9.9.5.dfsg-7
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze13
—bind9 - security update
from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u2
—bind9 - security update
from 0, < 1:9.9.5.dfsg-2
—bind9 - security update
from 0, < 1:9.7.3.dfsg-1~squeeze12
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze11
—bind9 - denial of service
from 0, < 1:9.8.4.dfsg.P1-6+nmu3
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze10
—bind9 - denial of service
from 0, < 1:9.8.4.dfsg.P1-6+nmu1
—ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lack…
from 0, < 1:9.8.4.dfsg.P1-6+nmu1
—ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (asse…
from 0, < 1:9.8.4.dfsg.P1-1
—bind9 - denial of service
from 0, < 1:9.8.1.dfsg.P1-4.3
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze8
—bind9 - improper assert
from 0, < 1:9.7.3.dfsg-1~squeeze7
—bind9 - improper assert
from 0, < 1:9.8.4.dfsg-1
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze6
—bind9 - denial of service
from 0, < 1:9.8.1.dfsg.P1-4.2
—bind9 - denial of service
from 0, < 1:9.8.1.dfsg.P1-4.1
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze5
—The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response…
from 0, < 1:9.8.1.dfsg.P1-4.1
—bind9 - improper assert
from 0, < 1:9.8.1.dfsg.P1-1
—bind9 - improper assert
from 0, < 1:9.6.ESV.R4+dfsg-0+lenny4
—Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ…
from 0, < 1:9.8.1.dfsg.P1-1
—bind9 - denial of service
from 0, < 1:9.6.ESV.R4+dfsg-0+lenny3
—bind9 - denial of service
from 0, < 1:9.8.1.dfsg-1
—bind9 - wrong boundary condition
from 0, < 1:9.8.1.dfsg-1
—bind9 - wrong boundary condition
from 0, < 1:9.6.ESV.R4+dfsg-0+lenny2
—ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of…
from 0, < 1:9.8.1.dfsg.P1-1
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1~squeeze1
—bind9 - denial of service
from 0, < 1:9.7.3.dfsg-1
—named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successfu…
from 0, < 1:9.7.2.dfsg.P3-1
—named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly de…
from 0, < 1:9.7.2.dfsg.P3-1
—bind9 - denial of service
from 0, < 1:9.6.ESV.R3+dfsg-0+lenny1
—bind9 - denial of service
from 0, < 1:9.7.2.dfsg.P3-1
—ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exis…
from 0, < 1:9.7.2.dfsg.P2-1
—BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Valida…
from 0, < 9.7.1.dfsg.P2
—ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data a…
from 0, < 1:9.7.0.dfsg-1
—Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, w…
from 0, < 1:9.7.0.dfsg-1
—bind9 - cache poisoning
from 0, < 1:9.6.ESV.R1+dfsg-0+lenny1
—bind9 - cache poisoning
from 0, < 1:9.7.0.dfsg-1
—bind9 - cache poisoning
from 0, < 1:9.3.4-2etch6
—bind9 - cache poisoning
from 0, < 1:9.6.1.dfsg.P2-1
—bind9 - denial of service
from 0, < 1:9.6.1.dfsg.P1-1
—bind9 - denial of service
from 0, < 1:9.3.4-2etch5
—bind9 - cryptographic weakness
from 0, < 1:9.3.4-2etch4
—bind9 - cryptographic weakness
from 0, < 1:9.5.1.dfsg.P1-1
—bind9 - DNS cache poisoning vulnerability
from 0, < 1:9.3.4-2etch1
—bind9 - DNS cache poisoning vulnerability
from 0, < 1:9.4.1-P1-1
—The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query…
from 0, < 1:9.4.1-P1-1
—Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to…
from 0, < 1:9.4.1-1
—bind9
from 0, < 1:9.3.4-2
—Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum…
from 0, < 1:9.3.4-2
—bind9
from 0, < 1:9.2.4-1sarge2
—BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive querie…
from 0, < 1:9.3.2-P1-1
—Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG,…
from 0, < 1:9.3.3-1
—The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides addi…
from 0, < 1:9.4.0-1
—An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a…
from 0, < 1:9.3.1