Oracle Linux 8 : bind9.16 (ELSA-2023-4100)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4100 advisory. 32:9.16.23-14.1 - Improve RBT overmem cache cleaning CVE-2023-2828 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : nodejs:16 (ELSA-2023-4034)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4034 advisory. nodejs 1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 Tenable has extracted the...

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2023-240)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-240 advisory. A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order,...

Oracle Linux 8 : nodejs:18 (ELSA-2023-4035)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4035 advisory. nodejs 1:18.14.2-3 - Update bundled c-ares to 1.19.1 Resolves: CVE-2022-4904 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2023-2374)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

Important: Red Hat Security Advisory: bind security and bug fix update

An update for bind is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

K000135504: BIND vulnerability CVE-2023-2911

Security Advisory Description If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. Th...

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

ALSA-2023:4099 Important: bind security update

The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2836-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2836-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database...

Ubuntu: Security Advisory (USN-6225-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6225-1 knot-resolver vulnerability

It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicous domains and cause a denial of service...

USN-6225-1: Knot Resolver vulnerability

It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicous domains and cause a denial of service...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM : Knot Resolver vulnerability (USN-6225-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6225-1 advisory. It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

CentOS 8 : nodejs:18 (CESA-2023:4035)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:4035 advisory. - A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitra...