SUSE: Security Advisory (SUSE-SU-2023:4527-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : c-ares (RHSA-2023:7392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7392 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Buffer Underwrite ...

Moderate: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

ALSA-2023:7177 Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

Moderate: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

RHEL 8 : c-ares (RHSA-2023:7207)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7207 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Heap buff...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3115)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

avahi: reachable assertion in avahi_s_host_name_resolver_start when trying to resolve badly-formatted hostnames

A flaw was found in avahi. A reachable assertion is present in avahishostnameresolverstart function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is...

Fedora 39 : bind / bind-dyndb-ldap (2023-c0ff5a2f68)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0ff5a2f68 advisory. Update to BIND 9.18.16 Selected parts from upstream release notes. Visit that for details of bug fixes. Security Fixes - The overmem cleaning proces...

Rocky Linux 8 : bind (RLSA-2022:2092)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2092 advisory. - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release...

Rocky Linux 9 : unbound (RLSA-2022:8062)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8062 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...

Rocky Linux 8 : nginx:1.20 (RLSA-2022:0323)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0323 advisory. - A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory...

Rocky Linux 9 : bind (RLSA-2022:6763)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6763 advisory. - By sending specific queries to the resolver, an attacker can cause named to crash. CVE-2022-3080 - By spoofing the target resolver with responses that...

Rocky Linux 8 : nodejs:16 (RLSA-2023:4034)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4034 advisory. - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen...

[SECURITY] Fedora 39 Update: bind9-next-9.19.17-1.fc39

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 39 Update: bind-9.18.19-1.fc39

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

F5 Networks BIG-IP : iRules RESOLVER::summarize memory leak vulnerability (K65397301)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K65397301 advisory. - On BIG-IP version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3, when the iRules RESOLVER::summarize...

SUSE CVE-2019-15718

In systemd 240, busopensystemwatchbindwithdescription in shared/bus-util.c as used by systemd-resolved to connect to the system D-Bus instance, calls sdbussettrusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3049)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-21382

In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...