RHEL 8 : dnsmasq (RHSA-2021:0152)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0152 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

RHEL 7 : dnsmasq (RHSA-2021:0155)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0155 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

RHEL 7 : dnsmasq (RHSA-2021:0153)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0153 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

PT-2020-16417 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: Gitlab versions 13.4.x through 13.4.7 Gitlab versions 13.5 through 13.5.5 Gitlab versions 13.6 through 13.6.2 Description: A potential DOS issue was discovered in Gitlab. It can be triggered by using a specific query name for a project search...

Denial Of Service (DoS)

gitlab is vulnerable to denial of service. An attacker is able to cause a denial of service condition in the application using a specific query name for a project search which will cause statement timeouts...

D-Link DIR-825 and TRENDnet TEW-632BRP Command Injection Vulnerability (CNVD-2020-16100)

The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router.The TRENDnet TEW-632BRP is a 300Mbps wireless home router. A command injection vulnerability exists in the D-Link DIR-825 and TRENDnet TEW-632BRP. A remote attacker can exploit this vulnerability to execute arbitrary commands...

CVE-2020-10215

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dnsqueryname parameter in a dnsquery.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected...

DEBIAN-CVE-2017-15092

A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

DLA-645-1 bind9 - security update

Bulletin has no description...

CVE-2016-2775

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

bind -- denial of service vulnerability

ISC reports: A query name which is too long can cause a segmentation fault in lwresd...