exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

CVE-2015-5477

Status Candidate

Overview

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

Related Files

HP Security Bulletin HPSBHF03539 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5477, CVE-2015-5600, CVE-2015-5722
MD5 | 6b1d5c4e2723750b4c85c318fa20f427
Red Hat Security Advisory 2016-0079-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0079-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477, CVE-2015-5722, CVE-2015-8000
MD5 | ef0d7901d4c66b8d3cb693c33916cb38
Red Hat Security Advisory 2016-0078-01
Posted Jan 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0078-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2014-8500, CVE-2015-5477, CVE-2015-5722, CVE-2015-8000
MD5 | 65c451c3ffec74d06e5c4578d05d3522
Gentoo Linux Security Advisory 201510-01
Posted Oct 18, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-1349, CVE-2015-4620, CVE-2015-5477, CVE-2015-5722, CVE-2015-5986
MD5 | 8db86de9b767ea2ecb35b07407ca5440
HPE Security Bulletin HPSBUX03511 SSRT102248 1
Posted Sep 23, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477, CVE-2015-5722
MD5 | a914255097782bd38670d4a4c6731949
HP Security Bulletin HPSBOV03506 1
Posted Sep 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03506 1 - A potential security vulnerability has been identified with TCP/IP Services for OpenVMS running BIND. The vulnerability could be remotely exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, tcp
advisories | CVE-2015-5477
MD5 | 6bf67ed244467fdc4c127b5c927a42c9
HPE Security Bulletin HPSBUX03410 SSRT102175 1
Posted Aug 21, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03410 SSRT102175 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477
MD5 | 0bcf3af9b323865006242ba34964d1a7
HPE Security Bulletin HPSBUX03400 SSRT102211 1
Posted Aug 21, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03400 SSRT102211 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2014-8500, CVE-2015-5477
MD5 | 70a7a3eb221d29527b279d1a7ae2d8fa
Apple Security Advisory 2015-08-13-4
Posted Aug 13, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-13-4 - OS X Server v4.1.5 is now available and addresses a BIND related denial of service vulnerability.

tags | advisory, denial of service
systems | apple, osx
advisories | CVE-2015-5477
MD5 | 8e797c7b85aba77343d820013d686ddf
Red Hat Security Advisory 2015-1515-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1515-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477
MD5 | 725ea1011737ae1a515f235ab942a92d
Red Hat Security Advisory 2015-1514-01
Posted Aug 3, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1514-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477
MD5 | b9ee0b946c3187b689b3ce40d8ec7ae3
BIND TKEY Query Denial Of Service
Posted Jul 31, 2015
Authored by Lorenzo Corsini

BIND TKEY query remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
advisories | CVE-2015-5477
MD5 | 8118c2899f9813a35af49b81b71d6589
Red Hat Security Advisory 2015-1513-01
Posted Jul 29, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1513-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5477
MD5 | 602d9a11d7b8bf9bd158d169cd033a5f
Ubuntu Security Notice USN-2693-1
Posted Jul 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2693-1 - Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to cause Bind to crash, resulting in a denial of service. Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. A remote attacker could use this issue with a specially crafted query to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-5689, CVE-2015-5477
MD5 | a070b5385d6f322c9f24bb938d7856b8
Debian Security Advisory 3319-1
Posted Jul 29, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3319-1 - Jonathan Foote discovered that the BIND DNS server does not properly handle TKEY queries. A remote attacker can take advantage of this flaw to mount a denial of service via a specially crafted query triggering an assertion failure and causing BIND to exit.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-5477
MD5 | 37a84c84a0755e3b133bc5b5a31f0d70
Slackware Security Advisory - bind Updates
Posted Jul 28, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5477
MD5 | 7ffd48dadaa3262223ccd712677cc0cd
FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 28, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A remote attacker can trigger a crash of a name server. Both recursive and authoritative servers are affected, and the exposure can not be mitigated by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling, before checks enforcing those boundaries.

tags | advisory, remote
systems | freebsd
advisories | CVE-2015-5477
MD5 | 2047cc3417a329326545ba6278d4797b
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close