CVE-2015-7794

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service traffic amplification via crafted queries...

Design/Logic Flaw

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service traffic amplification via crafted queries...

CVE-2015-7794

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service traffic amplification via crafted queries...

CVE-2015-7794

CVE-2015-7794 affects Corega CG-WLNCM4G devices that may act as an open DNS resolver. This condition enables an unauthenticated remote attacker to weaponize the device for a DNS amplification attack, contributing to a DDoS scenario. Documented impact describes a denial of service via crafted quer...

openSUSE Security Update : glibc (openSUSE-2015-944)

glibc was updated to fix one minor security issue and two bugs. The following vulnerability was fixed : - boo950944: pointer guarding weakness The following bugs were fixed : - boo955644: resource leak in resolver - boo936251: bits/time.h misses CLOCKTAI that is present in linux/time.h...

CG-WLNCM4G may behave as an open resolver

Overview CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

JVN#51250073: CG-WLNCM4G may behave as an open resolver

CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. Impact The device may be leveraged for use in a DNS amplification attack and unknowingly become a part of a DDoS attack. Solution Do not use CG-WLNCM4G As of December 25,...

[SECURITY] Fedora 22 Update: bind-9.10.3-7.P2.fc22

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

[SECURITY] Fedora 23 Update: bind-9.10.3-7.P2.fc23

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

ISC BIND named competitive conditions loophole

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A contention condition vulnerability exists in the resolver.c file in named in ISC BIND versions 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2. A...

Apple OS X ASN.1 Parser Memory Corruption Vulnerability (CNVD-2015-08145)

Apple OS X is an operating system developed by Apple Inc. A security vulnerability in the handling of special certificates by the Apple OS X ASN.1 resolver allows attackers to conduct denial of service attacks or execute arbitrary code by submitting a certificate request...

CentOS 7 : unbound (CESA-2015:2455)

Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

unbound security update

CentOS Errata and Security Advisory CESA-2015:2455 Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...

RedHat Update for unbound RHSA-2015:2455-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : unbound (RHSA-2015:2455)

Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

unbound: specially crafted request can lead to denial of service

A denial of service flaw was found in unbound that an attacker could use to trick the unbound resolver into following an endless loop of delegations, consuming an excessive amount of resources...

Low: Red Hat Security Advisory: unbound security and bug fix update

Updated unbound packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2011-1076

net/dnsresolver/dnskey.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service NULL pointer dereference and OOPS by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error...

CentOS 5 : bind97 (CESA-2015:1707)

"Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fr...

Mageia: Security Advisory (MGASA-2015-0272)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...