243 matches found
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
Knot Resolver 安全漏洞
Knot Resolver is a caching DNS resolver implementation that includes a resolver library and daemon. A security vulnerability exists in Knot Resolver versions prior to 5.6.0, which can be exploited by an attacker to consume server resources and cause a denial of service...
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
CVE-2023-26249
Knot Resolver is affected by a DoS vulnerability (CVE-2023-26249) in versions prior to 5.6.0. The issue arises from insufficient input validation in the DNS translator, allowing a single client query to trigger many TCP reconnections (up to about a hundred attempts) when upstream servers close wi...
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
SUSE CVE-2018-1110
A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service...
SUSE CVE-2018-10920
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache...
SUSE CVE-2020-12667
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...
SUSE CVE-2021-40083
Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case NSEC3 with too many iterations used for a positive wildcard proof...
SUSE CVE-2022-40188
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service CPU consumption because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets...
Debian: Security Advisory (DLA-3139-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3139-1] knot-resolver security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3139-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 07, 2022 https://wiki.debian.org/LTS -...
Debian dla-3139 : knot-resolver - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3139 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3139-1 [email protected] https://www.debian.org/lts/security/...
DLA-3139-1 knot-resolver - security update
Bulletin has no description...
Fedora: Security Advisory for knot-resolver (FEDORA-2022-357cc1a81b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for knot-resolver (FEDORA-2022-2a4ca7b18d)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
NIC Knot Resolver Denial of Service Vulnerability
Knot Resolver is a cached DNS resolver implementation that includes a resolver library and daemon. A denial of service vulnerability exists in NIC Knot Resolver versions prior to 5.5.3. The vulnerability stems from not properly handling incoming error messages and can be exploited by a remote...
Knot Resolver < 5.5.3 DoS Vulnerability
Knot Resolver is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...