Lucene search
K

218 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/22 12:0 a.m.21 views

Oracle Linux 7 : c-ares (ELSA-2023-3741)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3741 advisory. 1.10.0-3.1 - Resolves: rhbz2209503 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-7.9.z Tenable has extracted the preceding description bloc...

7.5CVSS6.5AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/15 12:0 a.m.38 views

Oracle Linux 8 : c-ares (ELSA-2023-3584)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3584 advisory. 1.13.0-6.1 - Resolves: rhbz2209516 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-8.8.0.z Tenable has extracted the preceding description...

7.5CVSS6.5AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/15 12:0 a.m.13 views

AlmaLinux 9 : c-ares (ALSA-2023:3559)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3559 advisory. - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP...

7.5CVSS6.3AI score0.01577EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/14 12:0 a.m.21 views

Oracle Linux 9 : c-ares (ELSA-2023-3559)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3559 advisory. 1.17.1-5.1 - Resolves: rhbz2209519 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-9.2.0.z Tenable has extracted the preceding description...

7.5CVSS6.5AI score0.01577EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/05/25 11:15 p.m.38 views

CVE-2023-32067

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...

7.5CVSS6.6AI score0.01577EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/05/25 10:15 p.m.35 views

CVE-2023-31130

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS6.7AI score0.00333EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/05/25 10:15 p.m.39 views

CVE-2023-31124

c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand as a fallback which could allow an attacker to take advantage of the lack ...

3.7CVSS6.5AI score0.00936EPSS
Exploits0References3
OSV
OSV
added 2023/05/25 10:15 p.m.3 views

UBUNTU-CVE-2023-31130

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS7AI score0.00333EPSS
Exploits0References6
Prion
Prion
added 2023/05/25 10:15 p.m.19 views

Design/Logic Flaw

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.4CVSS6.8AI score0.00905EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2023/05/25 10:15 p.m.143 views

CVE-2023-31147

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.5CVSS6.7AI score0.00905EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/05/25 9:45 p.m.31 views

CVE-2023-31130

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS7.2AI score0.00333EPSS
Exploits0
CVE
CVE
added 2023/05/25 9:45 p.m.570 views

CVE-2023-31130

CVE-2023-31130 affects the c-ares asynchronous DNS library. The vulnerability is a buffer underflow/underwrite in ares_inet_net_pton() for IPv6 addresses such as 0::00:00:00/2. Affected versions are prior to the fix, with the issue addressed in c-ares 1.19.1. Multiple advisories reference upgrade...

6.4CVSS6.5AI score0.00333EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2023/05/25 9:9 p.m.478 views

CVE-2023-31124

CVE-2023-31124 concerns c-ares where cross-compiling with autotools can leave CARES_RANDOM_FILE unset, causing a fallback to rand() for DNS query ID entropy rather than a CSPRNG. The result is reduced randomness and potential predictability of DNS IDs, raising security risk under entropy-limited ...

3.7CVSS6AI score0.00936EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/25 12:0 a.m.32 views

Uncontrolled Resource Consumption

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...

7.5CVSS6.6AI score0.01577EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/05/16 12:0 a.m.27 views

ALSA-2023:3002 Moderate: bind security and bug fix update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

5.3CVSS6.9AI score0.01495EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2023/05/09 12:0 a.m.53 views

Moderate: bind security and bug fix update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

7.5CVSS7.9AI score0.5017EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.6 views

SUSE CVE-2013-7423

The senddg function in resolv/ressend.c in GNU C Library aka glibc or libc6 before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function...

5CVSS7AI score0.05808EPSS
Exploits2References8
Fedora
Fedora
added 2023/02/06 1:33 a.m.40 views

[SECURITY] Fedora 36 Update: bind-9.16.37-1.fc36

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7.5CVSS7.7AI score0.5017EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2022/11/15 12:0 a.m.38 views

Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

6.8CVSS6.7AI score0.0325EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/08 9:31 a.m.33 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

6.8CVSS6.6AI score0.0325EPSS
Exploits0References5
Rows per page
Query Builder