Filtered by vendor Isc
Subscriptions
Total
240 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0029 | 3 Astaro, Isc, Redhat | 3 Security Linux, Bind, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | ||||
| CVE-2002-0400 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Linux | 2025-04-03 | N/A |
| ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | ||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | ||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2025-04-03 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | ||||
| CVE-2005-0034 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. | ||||
| CVE-2004-1006 | 2 Isc, Redhat | 2 Dhcpd, Enterprise Linux | 2025-04-03 | N/A |
| Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. | ||||
| CVE-2004-0045 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2025-04-03 | N/A |
| The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | ||||
| CVE-2002-2212 | 2 Fujitsu, Isc | 2 Uxp V, Bind | 2025-04-03 | N/A |
| The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | ||||
| CVE-1999-0100 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Remote access in AIX innd 1.5.1, using control messages. | ||||
| CVE-2001-0013 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | ||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | N/A |
| Buffer overflow in INN inews program. | ||||
| CVE-2002-0525 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses. | ||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | ||||
| CVE-2003-0026 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | ||||
| CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | N/A |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. | ||||