2959 matches found
SOL2104 - Buffer read overflow in DNS resolver libraries - CAN-2002-1146
Information about this vulnerability can be found at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL1882 - Buffer Overflows in DNS Resolver Libraries vulnerability CAN-2002-19
CERT has released an advisory regarding a buffer overflow in the way that stub resolvers handle DNS responses. Malicious users could use this exploit to cause a denial-of-service DoS attack or possibly run arbitrary code on the system. For more information about this advisory, refer to the...
eXtremail buffer overflow
DNS resolver code buffer overflow...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
: seamonkey cookie setting / same-domain bypass vulnerability
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability
No description provided by source. !-- Mozilla Firefox 'location.hostname' Cross-Domain Vulnerability Software : Mozilla Firefox version 2.0.0.1 and prior CVE reference : CVE-2007-0981 Impact : Security Bypass Risk : Moderate...
Mozilla Firefox 2.0.0.1 - 'location.hostname' Cross-Domain
Options - Privacy - Show Cookies for login.live.com Gorn, gorn.supportgmailcom 2007-02-19 16:00 -- var mydomain = '127.0.0.1'; var varcook = 'MSPPre=firefoxvulnerabilitytest'; var domcook = 'login.live.com'; if location.hostname == mydomain...
Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerabil
Exploit for unknown platform in category remote exploits ========================================================================= Mozilla Firefox Options - Privacy - Show Cookies for login.live.com...
CVE-2007-0981
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
CVE-2007-0981
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...
CVE-2007-0981
CVE-2007-0981 affects Mozilla-based browsers (Firefox up to 1.5.0.10 and 2.x up to 2.0.0.2; SeaMonkey up to 1.0.8). The root cause is a handling flaw when location.hostname is modified via a URI containing a null byte, interacting with DNS resolver code, which can bypass the same-origin policy an...
[SECURITY] Fedora Core 5 Update: bind-9.3.4-1.fc5
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
CVE-2002-2212
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed response...
CVE-2002-2213
The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record RR combined with spoofed...
CVE-2002-2213
The CVE-2002-2213 entry describes a vulnerability in the DNS resolver of Infoblox DNS One (unspecified versions) where recursive resolution for arbitrary hosts can be poisoned via a birthday attack. This attack uses a large number of open queries for the same resource record and spoofed responses...
CVE-2002-2212
CVE-2002-2212 affects the DNS resolver in Fujitsu UXP/V. The vulnerability allows remote attackers to perform DNS cache poisoning through a birthday-attack using many concurrent DNS queries and spoofed responses, increasing the chance of a correct spoofed reply more efficiently than brute force. ...
CVE-2006-2078
Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in 1 ProxyDNS or 2 PKI-Resolver, as demonstrated by the OUSPG PROTOS DN...
CVE-2005-4685
The CVE-2005-4685 entry describes a cookie handling flaw in Firefox/Mozilla where, if the DNS resolver uses a non-root domain in its search list, a cookie can be associated with multiple domains or stolen for an expanded hostname. Exploitation involves a user-entered hostname being expanded via t...
CVE-2005-4685
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a...