14 matches found
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2025-1728)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TencentOS Server 3: bind9.16 (TSSA-2023:0240)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0240 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2025-1314)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7340-1 openvpn vulnerabilities
It was discovered that OpenVPN did not perform proper input validation when generating a TLS key under certain configuration, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu...
USN-6860-1: OpenVPN vulnerabilities
Reynir Björnsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. CVE-2024-28882...
PT-2024-5857 · Openvpn +7 · Openvpn +7
Name of the Vulnerable Software and Affected Versions: OpenVPN versions prior to 2.6.11 Description: The issue is related to the lack of proper sanitization of PUSH REPLY messages, which can be exploited by attackers to inject unexpected arbitrary data into third-party executables or plug-ins. Th...
EulerOS Virtualization 2.10.0 : bind (EulerOS-SA-2023-3461)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion...
MGASA-2023-0303 Updated bind packages fix security vulnerabilities
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Oracle Linux 9 : bind (ELSA-2023-5689)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5689 advisory. 32:9.16.23-11.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341 Tenable has extracted the preceding description block directly from the...
bind: stack exhaustion in control channel code may lead to DoS
A flaw was found in the Bind package. The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size. Depending on the environment, this may cause the packet-parsing code...
Oracle Linux 8 : bind (ELSA-2023-5474)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5474 advisory. 32:9.11.36-8.2 - stack exhaustion in control channel code may lead to DoS CVE-2023-3341 Tenable has extracted the preceding description block directly from the...
SUSE SLES12: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2023:3796-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3796-1 advisory. - CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly bsc1215472. Tenable has...
CVE-2023-3341
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Bind vulnerabilities (USN-6390-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6390-1 advisory. It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channe...