Filtered by vendor Isc
Subscribe
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0247 | 1 Isc | 1 Inn | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. | |||||
| CVE-2006-2073 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite. | |||||
| CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. | |||||
| CVE-2002-0029 | 2 Astaro, Isc | 2 Security Linux, Bind | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684. | |||||
| CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2025-04-03 | 10.0 HIGH | N/A |
| ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2006-0527 | 1 Isc | 1 Bind | 2025-04-03 | 7.5 HIGH | N/A |
| BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. | |||||
| CVE-2002-2211 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | |||||
| CVE-2002-0651 | 1 Isc | 1 Bind | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers. | |||||
| CVE-2003-0914 | 9 Compaq, Freebsd, Hp and 6 more | 10 Tru64, Freebsd, Hp-ux and 7 more | 2025-04-03 | 4.3 MEDIUM | N/A |
| ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. | |||||
| CVE-1999-0705 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in INN inews program. | |||||
| CVE-2000-0472 | 1 Isc | 1 Inn | 2025-04-03 | 3.6 LOW | N/A |
| Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID. | |||||
| CVE-2003-0026 | 1 Isc | 1 Dhcpd | 2025-04-03 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. | |||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2025-04-03 | 7.5 HIGH | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2002-0702 | 1 Isc | 1 Dhcpd | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. | |||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2004-1006 | 1 Isc | 1 Dhcpd | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702. | |||||
| CVE-1999-0706 | 2 Isc, Redhat | 2 Inn, Linux | 2025-04-03 | 7.5 HIGH | N/A |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. | |||||
| CVE-2006-4096 | 1 Isc | 1 Bind | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty. | |||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2025-04-03 | 2.1 LOW | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||