Fedora Update for knot-resolver FEDORA-2018-389bc4e911

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for knot-resolver FEDORA-2018-0c0671072b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for knot-resolver FEDORA-2018-a120d509ab

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : knot-resolver (2018-0c0671072b)

Knot Resolver 2.3.0 2018-04-23 ================================ Security -------- - fix CVE-2018-1110: denial of service triggered by malformed DNS messages !550, !558, security!2, security!4 - increase resilience against slow lorris attack security!5 Bugfixes -------- - validation: fix SERVFAIL ...

Amazon Linux AMI : glibc (ALAS-2018-1017)

Fragmentation attacks possible when EDNS0 is enabled The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP...

[SECURITY] Fedora 27 Update: knot-resolver-2.3.0-1.fc27

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

[SECURITY] Fedora 26 Update: knot-resolver-2.3.0-1.fc26

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

[SECURITY] Fedora 28 Update: knot-resolver-2.3.0-1.fc28

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

Denial Of Service (DoS)

libbind9.so is vulnerable to denial of service DoS attacks. The library contains a use-after-free bug in the fctxstoptimer function in the lib/dns/resolver.c file, allowing a malicious user to pass a DNS packet to cause an assertion failure and crash the application...

Introducing New WhoAmI Tool DNS Resolver Information

The Domain Name System DNS tools “whoami.akamai.net” and its alias “whoami.akamai.com” have been used for many years, often as a step in the process for diagnosing how a content delivery network CDN is directing traffic, locality, and network reachability issues. Whoami was originally introduced ...

EulerOS 2.0 SP2 : zsh (EulerOS-SA-2018-1091)

According to the versions of the zsh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20180410)

Security Fixes : - glibc: realpath buffer underflow when getcwd returns relative path allows privilege escalation CVE-2018-1000001 - glibc: Buffer overflow in glob with GLOBTILDE CVE-2017-15670 - glibc: Buffer overflow during unescaping of user names with the operator CVE-2017-15804 - glibc: deni...

glibc security update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

RHEL 7 : glibc (RHSA-2018:0805)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0805 advisory. - glibc: denial of service in getnetbyname function CVE-2014-9402 - glibc: DNS resolver NULL pointer dereference with crafted record type...

glibc: DNS resolver NULL pointer dereference with crafted record type

resquery in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service NULL pointer dereference and process crash...

Cloudflare Launches Publicly DNS-Over-HTTPS Service

Cloudflare is hoping to boost consumer privacy, reduce the threat of man-in-the-middle attacks, and speed up the internet with a new free solution for securing domain name server traffic that uses the encrypted HTTPS channel. On Sunday, the security focused content delivery network provider,...

GNOME NetworkManager DNS resolver information disclosure vulnerability

GNOME NetworkManager is a set of network management tools developed by The GNOME Project for Linux and other Unix-like operating systems to simplify network configuration.DNS resolver is one of the domain name resolution modules. An information disclosure vulnerability exists in DNS resolver in...

CVE-2014-2031

Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service out-of-bounds read and crash by leveraging permission to perform recursive queries against Deadwood, related to a logic error...

CVE-2018-1000135

GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure CWE-200 vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed,...