Filtered by vendor Isc
Subscribe
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | |||||
| CVE-2002-0525 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses. | |||||
| CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | |||||
| CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
| CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2025-04-03 | 10.0 HIGH | N/A |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
| CVE-2002-0400 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-1999-0100 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
| Remote access in AIX innd 1.5.1, using control messages. | |||||
| CVE-2002-0651 | 1 Isc | 1 Bind | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
| CVE-2001-0497 | 1 Isc | 1 Bind | 2025-04-03 | 4.6 MEDIUM | 7.8 HIGH |
| dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | |||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
| CVE-1999-0754 | 1 Isc | 1 Inn | 2025-04-03 | 10.0 HIGH | N/A |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | |||||
| CVE-1999-0785 | 1 Isc | 1 Inn | 2025-04-03 | 7.2 HIGH | N/A |
| The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. | |||||
| CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in BIND 8.2 via NXT records. | |||||
| CVE-2000-0472 | 1 Isc | 1 Inn | 2025-04-03 | 3.6 LOW | N/A |
| Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
| CVE-2004-0045 | 1 Isc | 1 Inn | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | |||||
| CVE-1999-0848 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. | |||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2025-04-03 | 2.1 LOW | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||