Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVSS Score
7.5
EPSS Score
0.071
Published
2002-11-29
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
CVSS Score
7.8
EPSS Score
0.001
Published
2001-07-21
Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.071
Published
2001-02-12
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
CVSS Score
5.0
EPSS Score
0.2
Published
2001-02-12
Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.093
Published
2001-02-12
Denial of service in BIND named via maxdname.
CVSS Score
5.0
EPSS Score
0.019
Published
1999-11-10
DNS cache poisoning via BIND, by predictable query IDs.
CVSS Score
5.0
EPSS Score
0.013
Published
1997-08-13
Page 2