30 matches found
EUVD-2022-35462
Malicious code in bioql PyPI...
CVE-2022-30258
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain. Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain...
Thousands of Live Hacker Backdoors Found in Expired Domains
SUMMARY Cybersecurity researchers at watchTowr have identified over 4,000 live hacker backdoors, exploiting abandoned infrastructure and expired domains.…...
Authentication Bypass
github.com/rancher/rancher is vulnerable to a Authentication Bypass. The vulnerability is due to improper handling of expired domains or DNS spoofing/hijacking, allowing an attacker to exploit the Rancher URL under specific circumstances...
Integer overflow
Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration...
CVE-2022-30258
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30258
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30257
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
CVE-2022-30257
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
PT-2022-20038 · Technitium · Technitium Dns Server
Name of the Vulnerable Software and Affected Versions: Technitium DNS Server versions through 8.0.2 Description: An issue was discovered that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open source authoritative and recursive DNS server from the Technitium team. It can be used to self-host DNS servers for privacy and security. A security vulnerability exists in Technitium DNS Server version 8.0.2, which stems from variant V1 that allows unintended...
Technitium DNS Server 安全漏洞
Technitium DNS Server is an open source authoritative and recursive DNS server from the Technitium team. It can be used to self-host DNS servers for privacy and security. A security vulnerability exists in Technitium DNS Server version 8.0.2, which stems from variant V2 that allows accidental...
DEBIAN-CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
Design/Logic Flaw
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
UBUNTU-CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
MaraDNS 安全漏洞
MaraDNS is an open source implementation of the Domain Name System by the individual developer Sam Trenholme that can be used as a caching, recursive or authoritative name server. A security vulnerability exists in MaraDNS version 3.5.0021, which stems from variant V1 that allows accidental domai...
CVE-2022-30256
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...
Nord Security: Expired Available Domains in nordvpn.com website code
We at NordVPN want to stress that these domains were removed not because they were a threat, but because they simply were of no use. Also, new domains were added because this is a part of our operational tasks. These changes are made every few months. THANKS @nordvpn @emanu Well I have been Doing...
Domain Hunter - Checks Expired Domains For Categorization/Reputation And Archive.org History To Determine Good Candidates For Phishing And C2 Domain Names
Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass...