Filtered by vendor Isc
Subscriptions
Total
242 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0011 | 2 Isc, Redhat | 2 Bind, Linux | 2025-04-03 | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | ||||
| CVE-2001-0497 | 1 Isc | 1 Bind | 2025-04-03 | 7.8 High |
| dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | ||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | ||||
| CVE-2003-0026 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | ||||
| CVE-2004-0045 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-1006 | 2 Isc, Redhat | 2 Dhcpd, Enterprise Linux | 2025-04-03 | N/A |
| Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. | ||||
| CVE-2006-4095 | 3 Apple, Canonical, Isc | 4 Mac Os X, Mac Os X Server, Ubuntu Linux and 1 more | 2025-04-03 | 7.5 High |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | ||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | ||||
| CVE-1999-0024 | 6 Bsdi, Ibm, Isc and 3 more | 12 Bsd Os, Aix, Bind and 9 more | 2025-04-03 | N/A |
| DNS cache poisoning via BIND, by predictable query IDs. | ||||
| CVE-2005-0033 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. | ||||
| CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | N/A |
| The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | ||||
| CVE-2003-0039 | 2 Isc, Redhat | 2 Dhcpd, Linux | 2025-04-03 | N/A |
| ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. | ||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2025-04-03 | 9.8 Critical |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | ||||
| CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2025-04-03 | N/A |
| The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | ||||
| CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2025-04-03 | N/A |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | ||||
| CVE-1999-0100 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Remote access in AIX innd 1.5.1, using control messages. | ||||
| CVE-1999-0247 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. | ||||
| CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | ||||
| CVE-2006-0987 | 1 Isc | 1 Bind | 2025-04-03 | N/A |
| The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | ||||