pkg:Debian/bind9
217 total CVEsCRITICAL2HIGH90MEDIUM49LOW3
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2026-3593A use-after-free vulnerability exists within the DNS-over-HTTPS implementation.from 0, < 1:9.20.23-1~deb13u1
- CRITICAL9.8CVE-2021-25216In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Previe…from 0, < 1:9.16.15-1
- HIGH8.6CVE-2025-40780In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to p…from 0, < 1:9.16.50-1~deb11u4
- from 0, < 1:9.18.41-1~deb12u1
- from 0, < 1:9.16.50-1~deb11u4
- from 0, < 1:9.16.50-1~deb11u4
- from 0, < 1:9.9.5.dfsg-9+deb8u19
- from 0, < 1:9.16.3-1
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u6
- HIGH8.6CVE-2016-1286named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure a…from 0, < 1:9.10.3.dfsg.P4-6
- HIGH8.2CVE-2022-2881The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.from 0
- from 0, < 1:9.16.12-1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u3
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u8
- HIGH7.5CVE-2026-5946Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `C…from 0
- HIGH7.5CVE-2026-3039BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when re…from 0
- HIGH7.5CVE-2026-3104A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.from 0, < 1:9.20.21-1~deb13u1
- from 0, < 1:9.16.50-1~deb11u5
- from 0, < 1:9.18.47-1~deb12u1
- from 0, < 1:9.18.44-1~deb12u1
- from 0, < 1:9.18.44-1~deb12u1
- HIGH7.5CVE-2025-8677Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion.from 0, < 1:9.16.50-1~deb11u4
- HIGH7.5CVE-2025-40777If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only al…from 0
- HIGH7.5CVE-2025-40775When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it.from 0, < 1:9.20.9-1
- HIGH7.5CVE-2024-12705Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traff…from 0, < 1:9.18.33-1~deb12u2
- from 0, < 1:9.18.33-1~deb12u2
- from 0, < 1:9.16.50-1~deb11u3
- from 0, < 1:9.16.50-1~deb11u3
- HIGH7.5CVE-2024-4076Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion fa…from 0, < 1:9.16.50-1~deb11u1
- HIGH7.5CVE-2024-1975If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed do…from 0, < 1:9.16.50-1~deb11u1
- from 0, < 1:9.16.50-1~deb11u1
- from 0, < 1:9.16.50-1~deb11u1
- HIGH7.5CVE-2024-0760A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress.from 0, < 1:9.18.28-1~deb12u1
- HIGH7.5CVE-2023-50868The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a de…from 0, < 1:9.16.48-1
- from 0, < 1:9.16.48-1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u11
- HIGH7.5CVE-2023-6516To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database.from 0, < 1:9.16.48-1
- HIGH7.5CVE-2023-5679A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both…from 0, < 1:9.16.48-1
- HIGH7.5CVE-2023-5517A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is conf…from 0, < 1:9.16.48-1
- from 0, < 1:9.16.48-1
- from 0, < 1:9.16.48-1
- HIGH7.5CVE-2023-4236A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure.from 0, < 1:9.18.19-1~deb12u1
- from 0, < 1:9.16.44-1~deb11u1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u10
- from 0, < 1:9.16.44-1~deb11u1
- HIGH7.5CVE-2023-2911If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-t…from 0, < 1:9.16.42-1~deb11u1
- from 0, < 1:9.16.42-1~deb11u1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u9
- from 0, < 1:9.16.42-1~deb11u1
- HIGH7.5CVE-2022-3924This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, conf…from 0, < 1:9.16.37-1~deb11u1
- HIGH7.5CVE-2022-3736BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer…from 0, < 1:9.16.37-1~deb11u1
- from 0, < 1:9.16.37-1~deb11u1
- from 0, < 1:9.16.37-1~deb11u1
- HIGH7.5CVE-2022-3080By sending specific queries to the resolver, an attacker can cause named to crash.from 0, < 1:9.16.33-1~deb11u1
- HIGH7.5CVE-2022-38178By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.from 0, < 1:9.16.33-1~deb11u1
- HIGH7.5CVE-2022-38177By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.from 0, < 1:9.16.33-1~deb11u1
- HIGH7.5CVE-2022-2906An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources.from 0, < 1:9.18.7-1
- HIGH7.5CVE-2022-1183On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure.from 0, < 1:9.18.3-1
- HIGH7.5CVE-2022-0635Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually…from 0, < 1:9.18.1-1
- from 0, < 1:9.18.1-1
- HIGH7.5CVE-2021-25215In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…from 0, < 1:9.16.15-1
- HIGH7.5CVE-2020-8623In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition…from 0, < 1:9.16.6-1
- HIGH7.5CVE-2020-8621In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who…from 0, < 1:9.16.6-1
- HIGH7.5CVE-2020-8620In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection…from 0, < 1:9.16.6-1
- HIGH7.5CVE-2019-6477With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via T…from 0, < 1:9.11.14+dfsg-1
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u20
- from 0, < 1:9.9.3.dfsg.P2-1
- HIGH7.5CVE-2018-5744A failure to free memory can occur when processing messages having a specific combination of EDNS options.from 0, < 1:9.11.5.P4+dfsg-1
- from 0, < 1:9.9.5.dfsg-9+deb8u18
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u5
- from 0, < 1:9.11.5.P4+dfsg-4
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u10
- from 0, < 1:9.9.5.dfsg-9+deb8u16
- from 0, < 1:9.11.4.P1+dfsg-1
- HIGH7.5CVE-2018-5738Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which cli…from 0, < 1:9.11.3+dfsg-2
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u19
- from 0, < 1:9.11.2.P1-1
- from 0, < 1:9.9.5.dfsg-9+deb8u15
- HIGH7.5CVE-2017-3137Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lea…from 0, < 1:9.10.3.dfsg.P4-12.3
- HIGH7.5CVE-2016-9444named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of se…from 0, < 1:9.10.3.dfsg.P4-11
- HIGH7.5CVE-2016-9147named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and…from 0, < 1:9.10.3.dfsg.P4-11
- from 0, < 1:9.9.5.dfsg-9+deb8u9
- from 0, < 1:9.10.3.dfsg.P4-11
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u14
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u13
- from 0, < 1:9.10.3.dfsg.P4-11
- from 0, < 1:9.9.5.dfsg-9+deb8u8
- from 0, < 1:9.9.3.dfsg.P2-1
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u12
- HIGH7.5CVE-2016-2776buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses…from 0, < 1:9.10.3.dfsg.P4-11
- from 0, < 1:9.3.2-P1-1
- from 0, < 1:9.2.4-1sarge1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u7
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u11
- from 0, < 1:9.16.27-1~deb11u1
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u10
- from 0, < 1:9.10.3.dfsg.P4-6
- from 0, < 1:9.5.0.dfsg-5
- from 0, < 1:9.4.2-10+lenny1
- from 0, < 1:9.3.4-2etch3
- MEDIUM6.5CVE-2026-3119Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record.from 0, < 1:9.20.21-1~deb13u1
- from 0, < 1:9.16.15-1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u5
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u9
- from 0, < 1:9.10.3.dfsg.P4-12.3+deb9u7
- from 0, < 1:9.16.6-1
- MEDIUM6.5CVE-2018-5741To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called u…from 0, < 1:9.11.5+dfsg-1
- MEDIUM6.5CVE-2016-6170ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (s…from 0, < 1:9.10.6+dfsg-1
- from 0, < 1:9.7.3.dfsg-1~squeeze19
- from 0, < 1:9.10.3.dfsg.P4-6
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u9
- MEDIUM5.9CVE-2026-5947Undefined behavior may result due to a race condition leading to a use-after-free violation.from 0, < 1:9.20.23-1~deb13u1
- MEDIUM5.9CVE-2020-8617Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or…from 0, < 1:9.16.3-1
- MEDIUM5.9CVE-2019-6471A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatc…from 0, < 1:9.11.5.P4+dfsg-5.1
- MEDIUM5.9CVE-2017-3143An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the…from 0, < 1:9.10.3.dfsg.P4-12.4
- from 0, < 1:9.10.3.dfsg.P4-12.3
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u16
- from 0, < 1:9.9.5.dfsg-9+deb8u11
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u15
- from 0, < 1:9.10.3.dfsg.P4-12
- from 0, < 1:9.9.5.dfsg-9+deb8u10
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u11
- from 0, < 1:9.9.5.dfsg-9+deb8u7
- from 0, < 1:9.10.3.dfsg.P4-11
- MEDIUM5.4CVE-2026-3591A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0).from 0, < 1:9.20.21-1~deb13u1
- MEDIUM5.3CVE-2026-5950An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenti…from 0
- MEDIUM5.3CVE-2026-3592BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack.from 0
- from 0, < 1:9.16.33-1~deb11u1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u8
- from 0, < 1:9.16.33-1~deb11u1
- MEDIUM5.3CVE-2022-0396BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition.from 0, < 1:9.16.27-1~deb11u1
- from 0, < 1:9.16.22-1~deb11u1
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u6
- MEDIUM5.3CVE-2019-6465Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: B…from 0, < 1:9.11.5.P4+dfsg-1
- MEDIUM5.3CVE-2017-3138named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a contr…from 0, < 1:9.10.3.dfsg.P4-12.3
- from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u2
- from 0, < 1:9.16.4-1
- MEDIUM4.9CVE-2020-8618An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failur…from 0, < 1:9.16.4-1
- from 0, < 1:9.9.5.dfsg-9+deb8u17
- from 0, < 1:9.11.5.P4+dfsg-1
- MEDIUM4.3CVE-2020-8624In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.1…from 0, < 1:9.16.6-1
- from 0, < 1:9.9.5.dfsg-9+deb8u12
- from 0, < 1:9.10.3.dfsg.P4-12.4
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u17
- from 0, < 1:9.9.5.dfsg-12.1
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u8
- from 0, < 1:9.7.3.dfsg-1~squeeze18
- from 0, < 1:9.9.5.dfsg-12
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u7
- from 0, < 1:9.7.3.dfsg-1~squeeze17
- from 0, < 1:9.7.3.dfsg-1~squeeze16
- from 0, < 1:9.9.5.dfsg-11
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u6
- from 0, < 9.7.3.dfsg-1~squeeze15
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u5
- from 0, < 1:9.9.5.dfsg-10
- from 0, < 1:9.7.3.dfsg-1~squeeze14
- from 0, < 1:9.9.5.dfsg-9
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u4
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u3
- from 0, < 1:9.9.5.dfsg-7
- from 0, < 1:9.7.3.dfsg-1~squeeze13
- from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u2
- from 0, < 1:9.9.5.dfsg-2
- from 0, < 1:9.7.3.dfsg-1~squeeze12
- from 0, < 1:9.7.3.dfsg-1~squeeze11
- from 0, < 1:9.8.4.dfsg.P1-6+nmu3
- from 0, < 1:9.7.3.dfsg-1~squeeze10
- from 0, < 1:9.8.4.dfsg.P1-6+nmu1
- —CVE-2012-5689ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lack…from 0, < 1:9.8.4.dfsg.P1-6+nmu1
- —CVE-2012-5688ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (asse…from 0, < 1:9.8.4.dfsg.P1-1
- from 0, < 1:9.8.1.dfsg.P1-4.3
- from 0, < 1:9.7.3.dfsg-1~squeeze8
- from 0, < 1:9.7.3.dfsg-1~squeeze7
- from 0, < 1:9.8.4.dfsg-1
- from 0, < 1:9.7.3.dfsg-1~squeeze6
- from 0, < 1:9.8.1.dfsg.P1-4.2
- from 0, < 1:9.8.1.dfsg.P1-4.1
- from 0, < 1:9.7.3.dfsg-1~squeeze5
- —CVE-2012-1033The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response…from 0, < 1:9.8.1.dfsg.P1-4.1
- from 0, < 1:9.8.1.dfsg.P1-1
- from 0, < 1:9.6.ESV.R4+dfsg-0+lenny4
- —CVE-2011-2465Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ…from 0, < 1:9.8.1.dfsg.P1-1
- from 0, < 1:9.6.ESV.R4+dfsg-0+lenny3
- from 0, < 1:9.8.1.dfsg-1
- from 0, < 1:9.8.1.dfsg-1
- from 0, < 1:9.6.ESV.R4+dfsg-0+lenny2
- —CVE-2011-1907ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of…from 0, < 1:9.8.1.dfsg.P1-1
- from 0, < 1:9.7.3.dfsg-1~squeeze1
- from 0, < 1:9.7.3.dfsg-1
- —CVE-2010-3615named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successfu…from 0, < 1:9.7.2.dfsg.P3-1
- —CVE-2010-3614named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly de…from 0, < 1:9.7.2.dfsg.P3-1
- from 0, < 1:9.6.ESV.R3+dfsg-0+lenny1
- from 0, < 1:9.7.2.dfsg.P3-1
- —CVE-2010-3762ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exis…from 0, < 1:9.7.2.dfsg.P2-1
- —CVE-2010-0213BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Valida…from 0, < 9.7.1.dfsg.P2
- —CVE-2010-0382ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data a…from 0, < 1:9.7.0.dfsg-1
- —CVE-2010-0290Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, w…from 0, < 1:9.7.0.dfsg-1
- from 0, < 1:9.6.ESV.R1+dfsg-0+lenny1
- from 0, < 1:9.7.0.dfsg-1
- from 0, < 1:9.3.4-2etch6
- from 0, < 1:9.6.1.dfsg.P2-1
- from 0, < 1:9.6.1.dfsg.P1-1
- from 0, < 1:9.3.4-2etch5
- from 0, < 1:9.3.4-2etch4
- from 0, < 1:9.5.1.dfsg.P1-1
- from 0, < 1:9.3.4-2etch1
- from 0, < 1:9.4.1-P1-1
- —CVE-2007-2925The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query…from 0, < 1:9.4.1-P1-1
- —CVE-2007-2241Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to…from 0, < 1:9.4.1-1
- from 0, < 1:9.3.4-2
- —CVE-2007-0493Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum…from 0, < 1:9.3.4-2
- from 0, < 1:9.2.4-1sarge2
- —CVE-2006-4096BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive querie…from 0, < 1:9.3.2-P1-1
- —CVE-2006-2073Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG,…from 0, < 1:9.3.3-1
- —CVE-2006-0987The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides addi…from 0, < 1:9.4.0-1
- —CVE-2005-0034An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a…from 0, < 1:9.3.1