Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2015-5477

UNKNOWN

Published 2015-07-29T14:00:00

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2015-5477. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-4622-vjcx-p39j

Advisory Details

named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.

CVSS Scoring

CVSS Score

7.5

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2015-5477

WEB https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04789415

WEB https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480

WEB https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918

WEB https://kb.isc.org/article/AA-01272

WEB https://kb.isc.org/article/AA-01305

WEB https://kb.isc.org/article/AA-01306

WEB https://kb.isc.org/article/AA-01307

WEB https://kb.isc.org/article/AA-01438

WEB https://kb.juniper.net/JSA10783

WEB https://kc.mcafee.com/corporate/index?page=content&id=SB10126

WEB https://security.gentoo.org/glsa/201510-01

WEB https://security.netapp.com/advisory/ntap-20160114-0001

WEB https://support.apple.com/kb/HT205032

WEB https://www.exploit-db.com/exploits/37721

WEB https://www.exploit-db.com/exploits/37723

WEB http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718

WEB http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163006.html

WEB http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163007.html

WEB http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163015.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html

WEB http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html

WEB http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html

WEB http://marc.info/?l=bugtraq&m=144000632319155&w=2

WEB http://marc.info/?l=bugtraq&m=144017354030745&w=2

WEB http://marc.info/?l=bugtraq&m=144181171013996&w=2

WEB http://marc.info/?l=bugtraq&m=144294073801304&w=2

WEB http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html

WEB http://rhn.redhat.com/errata/RHSA-2015-1513.html

WEB http://rhn.redhat.com/errata/RHSA-2015-1514.html

WEB http://rhn.redhat.com/errata/RHSA-2015-1515.html

WEB http://rhn.redhat.com/errata/RHSA-2016-0078.html

WEB http://rhn.redhat.com/errata/RHSA-2016-0079.html

WEB http://www.debian.org/security/2015/dsa-3319

WEB http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

WEB http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

WEB http://www.securityfocus.com/bid/76092

WEB http://www.securitytracker.com/id/1033100

WEB http://www.ubuntu.com/usn/USN-2693-1

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: April 12, 2025

References

http://packetstormsecurity.com/files/132926/BIND-TKEY-Query-Denial-Of-Service.html

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00050.html

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04789415

https://kb.juniper.net/JSA10783

http://rhn.redhat.com/errata/RHSA-2015-1513.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html

https://security.netapp.com/advisory/ntap-20160114-0001/

https://kb.isc.org/article/AA-01438

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163015.html

http://marc.info/?l=bugtraq&m=144017354030745&w=2

http://marc.info/?l=bugtraq&m=144294073801304&w=2

http://rhn.redhat.com/errata/RHSA-2016-0079.html

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05095918

http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718

http://rhn.redhat.com/errata/RHSA-2015-1514.html

http://www.ubuntu.com/usn/USN-2693-1

https://support.apple.com/kb/HT205032

http://www.securitytracker.com/id/1033100

https://kb.isc.org/article/AA-01307

http://www.securityfocus.com/bid/76092

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html

http://marc.info/?l=bugtraq&m=144294073801304&w=2

https://www.exploit-db.com/exploits/37721/

http://rhn.redhat.com/errata/RHSA-2015-1515.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html

https://security.gentoo.org/glsa/201510-01

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html

http://marc.info/?l=bugtraq&m=144181171013996&w=2

http://marc.info/?l=bugtraq&m=144017354030745&w=2

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480

http://www.debian.org/security/2015/dsa-3319

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163007.html

http://marc.info/?l=bugtraq&m=144000632319155&w=2

http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163006.html

https://www.exploit-db.com/exploits/37723/

https://kb.isc.org/article/AA-01305

http://rhn.redhat.com/errata/RHSA-2016-0078.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html

https://kb.isc.org/article/AA-01306

https://kc.mcafee.com/corporate/index?page=content&id=SB10126

https://kb.isc.org/article/AA-01272

http://marc.info/?l=bugtraq&m=144000632319155&w=2

HackerOne Reports

ci.nextcloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) High

m4nx

Nextcloud

Uncontrolled Resource Consumption

Published: 2015-07-29T14:00:00

Last Modified: 2024-08-06T06:50:02.071Z

Copied to clipboard!