sischkg

5 exploits Active since Jul 2016
CVE-2018-5740 NOMISEC HIGH WORKING POC
BIND <9.13.3 - DoS
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
3 stars
CVSS 7.5
CVE-2016-6170 WRITEUP MEDIUM WRITEUP
ISC BIND <9.11.0b1 - DoS
ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.
CVSS 6.5
CVE-2016-6171 WRITEUP HIGH WRITEUP
Knot DNS <2.3.0 - DoS
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
CVSS 8.6
CVE-2016-6172 WRITEUP MEDIUM WRITEUP
PowerDNS <4.0.1 - DoS
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
CVSS 6.8
CVE-2016-6173 WRITEUP HIGH WRITEUP
NSD <4.1.11 - DoS
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
CVSS 7.5