7 matches found
Important: Red Hat Security Advisory: bind9.16 security update
An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
TencentOS Server 2: unbound (TSSA-2024:1114)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1114 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-50387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption v...
Important: dnsmasq
Issue Overview: Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...
Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-550)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-550 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may...
Fedora Core 5 : bind-9.3.4-1.fc5 (2007-164)
Fixed two security bugs - DNSSEC denial of service - BIND might crash after attempting to read free-ed memory and some common bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
CVE-2005-0034
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service named server exit via crafted DNS packets that cause an internal consistency test self-check to fail...