Computer Security
[EN] no-pyccku

ISC bind named DNS server DoS
updated since 29.07.2009
SecurityVulns ID:10109
Threat Level:
Description:Crash on dynamic update message with ANY type (disablind dynamic updates doesn't eliminate problem).
Affected:BIND : bind 9.4
 BIND : bind 9.5
 ISC : bind 9.6
CVE:CVE-2009-0696 (The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.)
Original documentdocumentISC, BIND Dynamic Update DoS (29.07.2009)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-09:12.bind (29.07.2009)
Files:ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
SecurityVulns ID:10113
Threat Level:
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:XAMPP : XAMPP 1.6
 WORDPRESS : wp-Table 1.52
Original documentdocumentMustLive, Cross-Site Scripting and Insufficient Anti-automation vulnerabilities in XAMPP (30.07.2009)
 documentCru3l.b0y, wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability (30.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod