The vulnerability of the dnsrslvr.dll library in the Windows operating system allows a hacker to increase their privileges.

The vulnerability of the dnsrslvr.dll library in the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

[SECURITY] Fedora 31 Update: bind-9.11.22-1.fc31

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c

...

FreeBSD : adns -- multiple vulnerabilities (08de38d2-e2d0-11ea-9538-0c9d925bbbc0)

Ian Jackson and the adns project reports : Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS cra...

CVE-2020-1584 - Windows dnsrslvr.dll Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka ‘Windows dnsrslvr.dll Elevation of Privilege Vulnerability’. Recent assessments: gwillcox-r7 at August 17, 2020 5:24pm UTC reported: Looking at the patch for this vulnerability, one can...

PT-2020-3729 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the way the dnsrslvr.dll handles objects in memory, allowing an attacker to execute code with elevated permissions. A locally authenticated attacker could exploit th...

NXNSAttack

Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...

Amazon Linux 2 : dnsmasq (ALAS-2020-1469)

The version of dnsmasq installed on the remote host is prior to 2.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1469 advisory. A flaw was found in the default configuration of dnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, where it listens on...

Medium: dnsmasq

Issue Overview: A flaw was found in the default configuration of dnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq ...

Updated dnsmasq packages fix security vulnerability

Updated dnsmasq package fix insecure default configuration potentially making it an open resolver CVE-2020-14312. In its default configuration, dnsmasq listen and answer query from any address even outside of the local subnet. Thus, it may inadvertently become an open resolver which might be used...

MGASA-2020-0310 Updated dnsmasq packages fix security vulnerability

Updated dnsmasq package fix insecure default configuration potentially making it an open resolver CVE-2020-14312. In its default configuration, dnsmasq listen and answer query from any address even outside of the local subnet. Thus, it may inadvertently become an open resolver which might be used...

lwIP TCP/IP Stack DNS Resolver <= 1.4.1 Cache-Poisoning Attack Vulnerability

The lwIP TCP/IP Stack DNS Resolver is vulnerable against a cache-poisoning attack. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Fedora: Security Advisory for adns (FEDORA-2020-530188bf36)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: adns-1.6.0-1.fc32

adns is a resolver library for C and C++ programs. In contrast with the existing interfaces, gethostbyname et al and libresolv, it has the following features: - It is reasonably easy to use for simple programs which just want to translate names to addresses, look up MX records, etc. - It can be...

[SECURITY] Fedora 31 Update: adns-1.6.0-1.fc31

adns is a resolver library for C and C++ programs. In contrast with the existing interfaces, gethostbyname et al and libresolv, it has the following features: - It is reasonably easy to use for simple programs which just want to translate names to addresses, look up MX records, etc. - It can be...

CVE-2020-14312

A flaw was found in the default configuration of dnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq in this manner m...

[SECURITY] Fedora 31 Update: bind-9.11.20-1.fc31

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 32 Update: bind-9.11.20-1.fc32

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

CentOS: Security Advisory for unbound (CESA-2020:2642)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

unbound security update

CentOS Errata and Security Advisory CESA-2020:2642 An update for unbound is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...