4 matches found
CVE-2025-11678
Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...
CVE-2020-4719
The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. This could enable an authenticated user with admin authorization to create DNS query strings that are not hostnames. IBM X-Force ID: 187861...
bind: TCP Pipelining doesn't limit TCP clients on a single connection
A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...
ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than...