Lucene search
+L

243 matches found

Vulnrichment
Vulnrichment
added 2023/02/21 12:0 a.m.4 views

CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.4AI score0.00708EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/02/21 12:0 a.m.21 views

CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS7.1AI score0.00708EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/21 12:0 a.m.7 views

Knot Resolver 安全漏洞

Knot Resolver is a caching DNS resolver implementation that includes a resolver library and daemon. A security vulnerability exists in Knot Resolver versions prior to 5.6.0, which can be exploited by an attacker to consume server resources and cause a denial of service...

7.5CVSS7.2AI score0.00708EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/21 12:0 a.m.30 views

CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.6AI score0.00708EPSS
Exploits0References1
CVE
CVE
added 2023/02/21 12:0 a.m.51 views

CVE-2023-26249

Knot Resolver is affected by a DoS vulnerability (CVE-2023-26249) in versions prior to 5.6.0. The issue arises from insufficient input validation in the DNS translator, allowing a single client query to trigger many TCP reconnections (up to about a hundred attempts) when upstream servers close wi...

7.5CVSS7.3AI score0.00708EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/02/21 12:0 a.m.10 views

CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS7.4AI score0.00708EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/02/21 12:0 a.m.47 views

CVE-2023-26249

Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...

7.5CVSS7.4AI score0.00708EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.2 views

SUSE CVE-2018-1110

A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service...

7.5CVSS7.1AI score0.0111EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:27 a.m.2 views

SUSE CVE-2018-10920

Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache...

7.5CVSS6.8AI score0.03239EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-12667

Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...

7.5CVSS7.4AI score0.02619EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.5 views

SUSE CVE-2021-40083

Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case NSEC3 with too many iterations used for a positive wildcard proof...

7.5CVSS7.5AI score0.01421EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.3 views

SUSE CVE-2022-40188

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...

7.5CVSS7.3AI score0.01521EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/10/09 12:0 a.m.13 views

Debian: Security Advisory (DLA-3139-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01521EPSS
Exploits0References3
Debian
Debian
added 2022/10/08 1:0 a.m.33 views

[SECURITY] [DLA 3139-1] knot-resolver security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3139-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 07, 2022 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.01521EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/08 12:0 a.m.34 views

Debian dla-3139 : knot-resolver - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3139 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3139-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.3AI score0.01521EPSS
Exploits0References4
OSV
OSV
added 2022/10/07 12:0 a.m.23 views

DLA-3139-1 knot-resolver - security update

Bulletin has no description...

7.5CVSS7.3AI score0.01521EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/10/02 12:0 a.m.17 views

Fedora: Security Advisory for knot-resolver (FEDORA-2022-357cc1a81b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.01521EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/10/02 12:0 a.m.18 views

Fedora: Security Advisory for knot-resolver (FEDORA-2022-2a4ca7b18d)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.01521EPSS
Exploits0References2
CNVD
CNVD
added 2022/09/28 12:0 a.m.50 views

NIC Knot Resolver Denial of Service Vulnerability

Knot Resolver is a cached DNS resolver implementation that includes a resolver library and daemon. A denial of service vulnerability exists in NIC Knot Resolver versions prior to 5.5.3. The vulnerability stems from not properly handling incoming error messages and can be exploited by a remote...

7.5CVSS7.1AI score0.01521EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/09/26 12:0 a.m.22 views

Knot Resolver < 5.5.3 DoS Vulnerability

Knot Resolver is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

7.5CVSS7.3AI score0.01521EPSS
Exploits0References1
Rows per page
Query Builder