Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BIND 9 — Vulnerabilities & Security Advisories 54

All 54 CVE vulnerabilities found in BIND 9, with AI-generated Chinese analysis, references, and POCs.

Vendor: ISC

CVE IDTitleCVSSSeverityPublished
CVE-2022-3094 An UPDATE message flood may cause named to exhaust all available memory 7.5 High2023-01-25
CVE-2019-6476 An error in QNAME minimization code can cause BIND to exit with an assertion failure 5.9 Medium2019-10-17
CVE-2019-6475 A flaw in mirror zone validity checking can allow zone data to be spoofed 5.9 Medium2019-10-17
CVE-2019-6471 A race condition when discarding malformed packets can cause BIND to exit with an assertion failure 5.9 -2019-10-09
CVE-2018-5743 Limiting simultaneous TCP clients was ineffective --2019-10-09
CVE-2018-5744 A specially crafted packet can cause named to leak memory 7.5 -2019-10-09
CVE-2018-5745 An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys 4.9 -2019-10-09
CVE-2019-6467 An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c 5.9 -2019-10-09
CVE-2019-6465 Zone transfer controls for writable DLZ zones were not effective 5.3 -2019-10-09
CVE-2017-3135 Combination of DNS64 and RPZ Can Lead to Crash 5.9 -2019-01-16
CVE-2017-3136 An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" 5.9 -2019-01-16
CVE-2017-3137 A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME 7.5 -2019-01-16
CVE-2017-3138 named exits with a REQUIRE assertion failure if it receives a null command string on its control channel 5.3 -2019-01-16
CVE-2017-3140 An error processing RPZ rules can cause named to loop endlessly after handling a query 7.5 -2019-01-16
CVE-2017-3141 Windows service and uninstall paths are not quoted when BIND is installed 7.8 -2019-01-16
CVE-2017-3142 An error in TSIG authentication can permit unauthorized zone transfers 3.7 -2019-01-16
CVE-2017-3143 An error in TSIG authentication can permit unauthorized dynamic updates 5.9 -2019-01-16
CVE-2017-3145 Improper fetch cleanup sequencing in the resolver can cause named to crash 7.5 -2019-01-16
CVE-2018-5734 A malformed request can trigger an assertion failure in badcache.c 7.5 -2019-01-16
CVE-2018-5737 BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled. 7.5 -2019-01-16
CVE-2018-5738 Some versions of BIND can improperly permit recursive query service to unauthorized clients 7.5 -2019-01-16
CVE-2018-5740 A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named 7.5 -2019-01-16
CVE-2018-5741 Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation 2.7 -2019-01-16
CVE-2016-9778 An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c 5.9 -2019-01-16

All 54 known CVE vulnerabilities affecting BIND 9 with full Chinese analysis, references, and POCs where available.