GCVE - cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*

part: a version: 9.9.3 update: *

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.177721
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.177723

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-3136`	vulnerable	2026-06-03 14:37:09.601646	An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;" MEDIUM (5.9) A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-17T00:51:35.181Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2017:1095 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180802-0002/ https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us https://www.debian.org/security/2017/dsa-3854	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3135`	vulnerable	2026-06-03 14:37:09.582398	Combination of DNS64 and RPZ Can Lead to Crash HIGH (7.5) Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-16T17:53:49.488Z Open on db.gcve.eu Reference links https://security.gentoo.org/glsa/201708-01 http://rhn.redhat.com/errata/RHSA-2017-0276.html https://security.netapp.com/advisory/ntap-20180926-0005/ https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us http://www.securityfocus.com/bid/96150	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-8461`	vulnerable	2026-06-03 14:35:12.004027	Details available Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors. Published: 2015-12-16T15:00:00.000Z Updated: 2024-08-06T08:20:41.759Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1034419 http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174252.html https://kb.isc.org/article/AA-01438 http://www.securityfocus.com/bid/79347	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-8000`	vulnerable	2026-06-03 14:35:10.819365	Details available db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute. Published: 2015-12-16T15:00:00.000Z Updated: 2024-08-06T08:06:31.443Z Open on db.gcve.eu Reference links http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://marc.info/?l=bugtraq&m=145680832702035&w=2 https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/ https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/ http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174145.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-4620`	vulnerable	2026-06-03 14:34:52.333929	Details available name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone. Published: 2015-07-08T14:00:00.000Z Updated: 2024-08-06T06:18:12.213Z Open on db.gcve.eu Reference links http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162286.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html https://kb.juniper.net/JSA10783 https://kb.isc.org/article/AA-01438 http://www.securitytracker.com/id/1032799	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-1349`	vulnerable	2026-06-03 14:34:39.249158	Details available named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. Published: 2015-02-19T02:00:00.000Z Updated: 2024-08-06T04:40:18.567Z Open on db.gcve.eu Reference links http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html https://kb.juniper.net/JSA10783 http://advisories.mageia.org/MGASA-2015-0082.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:165 https://kb.isc.org/article/AA-01235	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-8500`	vulnerable	2026-06-03 14:34:24.168204	Details available ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. Published: 2014-12-11T02:00:00.000Z Updated: 2024-08-06T13:18:48.302Z Open on db.gcve.eu Reference links http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://marc.info/?l=bugtraq&m=142180687100892&w=2 http://security.gentoo.org/glsa/glsa-201502-03.xml http://secunia.com/advisories/62122 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-002.txt.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6230`	vulnerable	2026-06-03 14:33:25.293773	Details available The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask. Published: 2013-11-08T02:00:00.000Z Updated: 2024-08-06T17:38:58.810Z Open on db.gcve.eu Reference links https://kb.isc.org/article/AA-01063 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.518391 https://kb.isc.org/article/AA-01062	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4854`	vulnerable	2026-06-03 14:33:19.804769	Details available The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. Published: 2013-07-26T23:00:00.000Z Updated: 2024-08-06T16:59:39.290Z Open on db.gcve.eu Reference links http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396 https://kb.isc.org/article/AA-01015 http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://secunia.com/advisories/54134	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-3919`	vulnerable	2026-06-03 14:33:08.901565	Details available resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone. Published: 2013-06-06T10:00:00.000Z Updated: 2024-08-06T16:22:01.473Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html https://support.apple.com/kb/HT6536 https://kb.isc.org/article/AA-00967/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2266`	vulnerable	2026-06-03 14:33:00.388961	Details available libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. Published: 2013-03-28T16:00:00.000Z Updated: 2024-08-06T15:27:41.144Z Open on db.gcve.eu Reference links https://kb.isc.org/article/AA-00871/ http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101603.html http://linux.oracle.com/errata/ELSA-2014-1244 http://rhn.redhat.com/errata/RHSA-2013-0689.html http://www.isc.org/software/bind/advisories/cve-2013-2266	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.