5279 matches found
CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
CVE-2022-3924 named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
CVE-2022-3924
A flaw was found in Bind. When resolver receives many queries requiring recursion, there will be a corresponding increase in the number of clients waiting for recursion to complete. This may, under certain conditions, lead to an assertion failure and a denial of service. Mitigation Disabling...
ISC BIND 安全漏洞
ISC BIND is a suite of open source software that implements the DNS protocol from the American company ISC. A security vulnerability exists in BIND versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, and 9.19.0 through 9.19.8, which stems from the fact that if the resolver receives a lot of...
CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
Ubuntu 20.04 LTS / 22.04 LTS : Bind vulnerabilities (USN-5827-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5827-1 advisory. Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to...
FreeBSD : re2c -- uncontrolled recursion (b0e1fa2b-9c86-11ed-9296-002b67dfc673)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0e1fa2b-9c86-11ed-9296-002b67dfc673 advisory. - re2c before 2.0 has uncontrolled recursion that causes stack consumption in findfixedtags...
FreeBSD : powerdns-recursor -- denial of service (28b69630-9b10-11ed-97a6-6805ca2fa271)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 28b69630-9b10-11ed-97a6-6805ca2fa271 advisory. - A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS quer...
CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
DEBIAN-CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
Design/Logic Flaw
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
Denial Of Service (DoS)
pdns-recursor is vulnerable to Denial of ServiceDoS attacks. A remote attacker is able to cause infinite recursion in PowerDNS Recursor via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode...
CVE-2023-22617
The CVE-2023-22617 issue affects PowerDNS Recursor 4.8.0, where a remote attacker could trigger infinite recursion by processing a DNS query for DS records in a misconfigured domain, due to QName minimization in QM fallback mode. The vulnerability is mitigated by upgrading to PowerDNS Recursor 4....
CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...
PowerDNS Recursor 安全漏洞
PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor version 4.8.0, which stems from the use of QName minimization in QM fallback mode, resulting in infinite recursion...
PT-2025-13332 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, related to the bpf and sockmap functionality. When a listening socket is linked to a sockmap, its sk prot is overridden to poin...
CVE-2023-22617
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1...