) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:isc:bind:9.9.8:s3:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-6170 |
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message. Published: July 06, 2016; 10:59:05 AM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2016-1284 |
rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query. Published: February 04, 2016; 6:59:01 AM -0500 |
V3.0: 5.9 MEDIUM V2.0: 2.6 LOW |
| CVE-2015-8461 |
Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors. Published: December 16, 2015; 10:59:02 AM -0500 |
V3.x:(not available) V2.0: 7.1 HIGH |
| CVE-2015-8000 |
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. Published: December 16, 2015; 10:59:01 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |