2959 matches found
CVE-2012-1191
The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names"...
CVE-2012-1192
Unbound resolver vulnerable prior to 1.4.11. During processing of an A record response, it overwrites cached NS names and TTLs, enabling a ghost domain names attack that can resume resolvability of revoked domains. This is a remote, unauthenticated issue exploitable via crafted responses. Mitigat...
CVE-2012-1192
The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
CVE-2012-1191
CVE-2012-1191 affects the dns resolver in djbdns’s dnscache (version 1.05). The vulnerability arises when processing an A record response, where the resolver overwrites cached NS record names and TTLs, enabling a ghost-domain names attack that can keep revoked domains resolvable. The issue is doc...
Researchers Warn Of 'Ghost Domain' Flaw in DNS
Researchers are warning about a flaw in the Domain Name System DNS that could allow attackers to keep a malicious domain alive and accessible, despite efforts to remove it. A paper jointly authored by researchers in China, the United States and Spain found that a flaw in DNS allows deleted domain...
Debian Security Advisory DSA 2370-1 (unbound)
The remote host is missing an update to unbound announced via advisory DSA 2370-1. OpenVAS Vulnerability Test $Id: deb23701.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2370-1 unbound Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
VUL-0: nginx: heap overflow (important)
A flaw in the custom DNS resolver of nginx could lead to a heap based buffer overflow which could potentially allow attackers to execute arbitrary code or to cause a Denial of Service bnc731084, CVE-2011-4315...
CVE-2012-1033
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
DEBIAN-CVE-2012-1033
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
Code injection
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
CVE-2012-1033
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
CVE-2012-1033
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
CVE-2012-1033
The CVE-2012-1033 issue affects ISC BIND 9 up to 9.8.1-P1, where the resolver overwrites cached NS records and TTLs during handling of an A query response. This can allow remote attackers to trigger continued resolvability of revoked domain names via a ghost domain names attack. Public Nessus/IDS...
PT-2012-3031 · Isc +4 · Isc Bind 9 +4
Name of the Vulnerable Software and Affected Versions: ISC BIND 9 versions 9.1.1 through 9.8.1-P1 ISC BIND 9 version 9.7.0 ISC BIND 9 version 9.7.2 Description: The issue allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. This...
CVE-2012-1033
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...
ISC BIND 9 resolver cache vulnerability
Overview ISC BIND 9 resolver contains a vulnerability that could allow a attacker to keep a domain name in the cache even after it has been deleted from registration. Description According to ISC:I SC has been notified by Haixin Duan a professor at Tsinghua University in Beijing China, who is...
Apple OS X multiple security vulnerabilities
Graphics, Video, Audio and documents parsing vulnerabilities. Information leakage, code execution via DNS resolver. Privilege escalation. Vulnerabilities in 3rd party packages...
Unbound < 1.4.14 / 1.4.13p2 Multiple DoS
According to its self-reported version number, the remote Unbound DNS resolver is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists due to an attempt to free unallocated memory during the processing of duplicate CNAME records in a signed zone. An...
Debian DSA-2370-1 : unbound - several vulnerabilities
It was discovered that Unbound, a recursive DNS resolver, would crash when processing certain malformed DNS responses from authoritative DNS servers, leading to denial of service. - CVE-2011-4528 Unbound attempts to free unallocated memory during processing of duplicate CNAME records in a signed...
Fedora Update for unbound FEDORA-2011-17337
Check for the Version of unbound OpenVAS Vulnerability Test Fedora Update for unbound FEDORA-2011-17337 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...