Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination ...

Dnspython < 2.6.0rc1 DoS

The version of dnspython installed on the remote host is prior to 2.6.0rc1. It is, therefore, affected by a denial of service DoS vulnerability. The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives...

FreeBSD-SA-24:03.unbound

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:03.unbound Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in unbound Category: contrib Module: unbound Announced: 2024-03-28 Affects:...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

DEBIAN-CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

UBUNTU-CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

CVE-2024-29018 External DNS requests from 'internal' networks could lead to data exfiltration

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

CVE-2024-29018

CVE-2024-29018 affects the Moby-based docker/libnetwork networking stack, where internal networks can forward DNS requests to an external nameserver due to how host loopback DNS resolution is bridged for internal networks. The issue enables an attacker controlling an authoritative DNS domain to c...

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

Moby's external DNS requests from 'internal' networks could lead to data exfiltration

Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. As a batteries-included container runtime, Moby comes with a built-in networking implementati...

Performance Degradation

BIND is vulnerable to a performance degradation issue when a resolver cache contains a large number of ECS EDNS Client Subnet records for the same name, impacting query performance during the cache database cleanup process...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2024-1261)

According to the versions of the dnsmasq packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1261)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for xmvn-connector-ivy (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unbound DNS Resolver < 1.19.1-2.fc40 Access Control Vulnerability

Unbound DNS Resolver is prone to an access control vulnerability. This VT was deprecated as it has been determined that this is not a software flaw in the product itself but an issue in Red Hat RHEL and derivates e.g. Fedora specific packaging of the product and for which various more reliable...

Fedora: Security Advisory for xml-commons-resolver (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...