OESA-2025-2843 dhcp security update

The Dynamic Host Configuration Protocol DHCP is a network management protocol used on UDP/IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks. Security Fixes: Unde...

Security update for bind

This update for bind fixes the following issues: CVE-2025-40778: Address various spoofing attacks bsc1252379. CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator bsc1252380. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

RHEL 8 : unbound (RHSA-2025:13577)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13577 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbound Cache poisoning...

unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack

[email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information...

Cache Poisoning

Next.js is vulnerable to Cache Poisoning. The vulnerability is due to improper caching of HTTP 204 responses for static pages, which allows an attacker to poison the cache and cause the 204 response to be served to all users attempting to access the affected page...

CVE-2025-49005

Next.js is a React framework for building full-stack web applications. In Next.js App Router from 15.3.0 to before 15.3.3 and Vercel CLI from 41.4.1 to 42.2.0, a cache poisoning vulnerability was found. The issue allowed page requests for HTML content to return a React Server Component RSC payloa...

Moderate: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

RHEL 7 : bind (RHSA-2023:0402)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0402 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

Moderate: dhcp security and enhancement update

The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

RHEL 8 : bind9.16 (RHSA-2022:7643)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7643 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

ALSA-2022:7643 Important: bind9.16 security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

ISC BIND DNS Response Rage Limit Vulnerability (CVE-2013-5661)

ISC BIND is prone to a cache poisoning vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Squid Security Update Advisory (SQUID-2020:7)

Squid is prone to a cache poisoning vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Slackware: Security Advisory (SSA:2009-336-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1961-1 (bind9)

The remote host is missing an update to bind9 announced via advisory DSA 1961-1. OpenVAS Vulnerability Test $Id: deb19611.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1961-1 bind9 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

CVE-2008-1454

Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache...

Symantec Enterprise Firewall 7.08.0 - DNSD DNS Cache Poisoning

Symantec Enterprise Firewall 7.08.0 - DNSD DNS Cache Poisoning source: https://www.securityfocus.com/bid/10557/info It is reported that dnsd is prone to a cache poisoning vulnerability. Dnsd does not ensure that the data returned from a remote DNS server contains related information about the...

DNS Server Recursive Query Cache Poisoning Weakness

It is possible to query the remote name server for third-party names. If this is your internal nameserver, then the attack vector may be limited to employees or guest access if allowed. If you are probing a remote nameserver, then it allows anyone to use it to resolve third party names such as...