17 matches found
CVE-2026-24932
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
CVE-2026-24934
The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...
CVE-2026-24932
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
EUVD-2026-5285
The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...
CVE-2026-24932
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
CVE-2026-24932 An improper certificate validation vulnerability was found in ADM while updating the DDNS settings.
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
CVE-2026-24932 An improper certificate validation vulnerability was found in ADM while updating the DDNS settings.
The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...
EUVD-2011-0440
Malware in sbrugna...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2019-2453)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-5741 Update policies krb5-subdomain and ms-subdomain do not enforce controls promised in their documentation
To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update...
openSUSE Security Update : bind (openSUSE-SU-2011:0135-1)
This bind update fixes a remote denial of service vulnerability that can be triggered using an IXFR or DDNS update. CVE-2011-0414: CVSS v2 Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
ISC BIND 9.7.1 - 9.7.2-P3 IXFR /DDNS Update Combinded with High Query Rate DoS
Binary data 5803.prm...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service deadlock and daemon hang by sending a query at the time of 1 an IXFR transfer or 2 a DDNS update...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service deadlock and daemon hang by sending a query at the time of 1 an IXFR transfer or 2 a DDNS update...
Code injection
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service deadlock and daemon hang by sending a query at the time of 1 an IXFR transfer or 2 a DDNS update...
CVE-2011-0414
CVE-2011-0414 affects ISC BIND versions 9.7.1 through 9.7.2-P3 when configured as an authoritative server. A race condition during IXFR transfers or DDNS updates can cause a remote denial of service (deadlock/daemon hang). Public advisories across distributions (Debian, openSUSE, Gentoo, etc.) do...
CVE-2011-0414
ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service deadlock and daemon hang by sending a query at the time of 1 an IXFR transfer or 2 a DDNS update...