UBUNTU-CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

CVE-2018-5738

Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has not specified a value for the...

Solaris 10 (sparc) : 148625-01

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: in.tnamed1M. Supported versions that are affected are 9 and 10. Easily exploitable vulnerability allows successful unauthenticated network attacks via NameServer. Successful attack of this vulnerability can result i...

Solaris 10 (x86) : 148626-01

Vulnerability in the Solaris component of Oracle Sun Products Suite subcomponent: in.tnamed1M. Supported versions that are affected are 9 and 10. Easily exploitable vulnerability allows successful unauthenticated network attacks via NameServer. Successful attack of this vulnerability can result i...

[SECURITY] Fedora 27 Update: pdns-4.1.0-1.fc27

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

[SECURITY] Fedora 24 Update: pdns-4.0.3-1.fc24

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

[SECURITY] Fedora 25 Update: pdns-4.0.3-1.fc25

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

JudasDNS - Nameserver DNS poisoning attacks made easy

A DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation. Judas works by proxying all DNS queries to the legitimate nameservers for a domain. The magic comes with Judas's rule configurations which allow you to change DNS responses depending on...

Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target

In a past piece of research, we explored the issue of nameserver domains expiring allowing us to take over full control of a target domain. In that example we took over the domain name maris.int by buying an expired domain name which was authoritative for the domain. This previous example happene...

Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target

In a past piece of research, we explored the issue of nameserver domains expiring allowing us to take over full control of a target domain. In that example we took over the domain name maris.int by buying an expired domain name which was authoritative for the domain. This previous example happene...

[SECURITY] Fedora 23 Update: pdns-3.4.10-1.fc23

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

bind, caching security update

CentOS Errata and Security Advisory CESA-2016:1944 An update for bind is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

openSUSE Security Update : bind (openSUSE-2016-1133)

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. CVE-2016-2776, bsc1000362 This update was imported from the SUSE:SLE-12-SP1:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

SUSE-SU-2016:2401-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. CVE-2016-2776, bsc1000362...

SUSE-SU-2016:2399-1 Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. CVE-2016-2776, bsc1000362...

CVE-2016-6146

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226...

Information disclosure

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226...

CVE-2016-6146

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226...

CVE-2016-6146

CVE-2016-6146 affects SAP TREX 7.10 Revision 63 NameServer. It enables remote attackers to disclose sensitive TNS information via an unspecified query (information disclosure). Exploitation details (vector, conditions, exploit code) are not provided in the documents; CVSS suggests network access ...

[SECURITY] Fedora 24 Update: pdns-4.0.1-1.fc24

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...