Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/13 2:34 a.m.29 views

CVE-2026-45673

A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator PRNG for DNS transaction IDs and a static User Datagram Protocol UDP source port. This combination significantly reduces the randomness of DNS queries, making...

6.8CVSS4.9AI score0.00256EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 2:16 p.m.2 views

CVE-2026-45673 Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

6.8CVSS5.9AI score0.00256EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2021/11/19 5:38 a.m.74 views

New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks

Researchers have demonstrated yet another variant of the SAD DNS cache poisoning attack that leaves about 38% of the domain name resolvers vulnerable, enabling attackers to redirect traffic originally destined to legitimate websites to a server under their control. "The attack allows an off-path...

6.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/07/25 12:0 a.m.127 views

bind9x-poison.txt

/ Exploit for CVE-2008-1447 - Kaminsky DNS Cache Poisoning Attack Compilation: $ gcc -o kaminsky-attack kaminsky-attack.c dnet-config --libs -lm Dependency: libdnet aka libdumbnet-dev under Ubuntu Author: marc.bevand at rapid7 dot com / define BSDSOURCE include include include include include...

5CVSS7.1AI score0.95182EPSS
Exploits20
Rows per page
Query Builder