Isc ≫ Bind

ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in mes...

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynam...

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."

named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."

Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.

The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.