226 matches found
Rocky Linux 8 : c-ares (RLSA-2022:2043)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong...
AlmaLinux 8 : c-ares (ALSA-2022:2043)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostname...
c-ares: Missing input validation of host names may lead to domain hijacking
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...
c-ares security update
An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...
ALSA-2022:2043 Moderate: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...
RLSA-2022:2043 Moderate: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...
Moderate: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...
CentOS 8 : c-ares (CESA-2022:2043)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2043 advisory. - c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Note that Nessus has not tested for this issue but has instead relie...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2022-1112)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : c-ares (EulerOS-SA-2022-1057)
According to the versions of the c-ares packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can...
Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...
EulerOS Virtualization 3.0.2.6 : c-ares (EulerOS-SA-2021-2882)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2882)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2841)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
A flaw was found in c-ares library where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
...
CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...
ALPINE-CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...
DEBIAN-CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...
CVE-2021-3672
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...
AZL-38359 CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...