Vulnerabilities (CVE)

Filtered by vendor Isc Subscribe
Total 227 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2926 1 Isc 1 Bind 2025-04-09 4.3 MEDIUM N/A
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
CVE-2009-0025 1 Isc 1 Bind 2025-04-09 6.8 MEDIUM N/A
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
CVE-2007-2925 1 Isc 1 Bind 2025-04-09 5.8 MEDIUM N/A
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
CVE-2009-0696 1 Isc 1 Bind 2025-04-09 4.3 MEDIUM N/A
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
CVE-2009-1893 2 Isc, Redhat 2 Dhcp, Enterprise Linux 2025-04-09 6.9 MEDIUM N/A
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
CVE-2009-4022 1 Isc 1 Bind 2025-04-09 2.6 LOW N/A
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
CVE-2007-0493 1 Isc 1 Bind 2025-04-09 7.8 HIGH N/A
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
CVE-2009-0692 1 Isc 1 Dhcp 2025-04-09 10.0 HIGH N/A
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option.
CVE-2009-0265 1 Isc 1 Bind 2025-04-09 5.0 MEDIUM 7.5 HIGH
Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
CVE-2007-2930 1 Isc 1 Bind 2025-04-09 4.3 MEDIUM N/A
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926.
CVE-2004-0461 5 Infoblox, Isc, Mandrakesoft and 2 more 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more 2025-04-03 10.0 HIGH N/A
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
CVE-2002-0684 2 Gnu, Isc 2 Glibc, Bind 2025-04-03 7.5 HIGH N/A
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
CVE-2003-0039 1 Isc 1 Dhcpd 2025-04-03 5.0 MEDIUM N/A
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.
CVE-1999-0868 5 Isc, Nec, Netscape and 2 more 6 Inn, Goah Intrasv, Goah Networksv and 3 more 2025-04-03 7.2 HIGH N/A
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVE-1999-0100 1 Isc 1 Inn 2025-04-03 10.0 HIGH N/A
Remote access in AIX innd 1.5.1, using control messages.
CVE-1999-0833 2 Isc, Sun 3 Bind, Solaris, Sunos 2025-04-03 7.5 HIGH N/A
Buffer overflow in BIND 8.2 via NXT records.
CVE-1999-0247 1 Isc 1 Inn 2025-04-03 7.5 HIGH N/A
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
CVE-2002-1220 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2025-04-03 5.0 MEDIUM N/A
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
CVE-1999-0808 1 Isc 1 Dhcp Client 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.
CVE-2000-0335 2 Gnu, Isc 2 Glibc, Bind 2025-04-03 7.5 HIGH N/A
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.