CVE-2005-4685

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a...

CVE-2005-4685

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a...

CVE-2005-4685

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a...

CVE-2005-4684

Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for a...

HP Security Digests - HP-UX security bulletins digest

HP Support Information Digests =============================================================================== o Security Bulletin Digest Split ------------------------------ The security bulletins digest has been split into multiple digests based on the operating system HP-UX, MPE/iX, and HP...

CVE-2000-1218

The CVE relates to Microsoft Windows 98, NT 4.0, 2000, and XP where the default domain name resolver configuration sets QueryIpMatching to 0. This causes the resolver to accept DNS updates from hosts it did not query, enabling DNS cache poisoning by a remote attacker. The PTSecurity entry confirm...

SUSE-SA:2005:022: kdelibs3

The remote host is missing the patch for the advisory SUSE-SA:2005:022 kdelibs3. Several vulnerabilities have been identified and fixed in the KDE desktop environment. - A buffer overflow via specially crafted PCX pictures was fixed. This could lead to a remote attacker being able to execute code...

HP-UX PHNE_28490 : HP-UX DNS and Resolver Libraries, Remote Execution of Arbitrary Code, Denial of Service (DoS) (HPSBUX00209 SSRT2316 rev.17)

s700800 11.22 Bind 9.2.0 components : Potential buffer overflows in DNS resolver libraries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE28490. The text itself is copyright C Hewlett-Packard Development...

HP-UX PHNE_27881 : HP-UX DNS and Resolver Libraries, Remote Execution of Arbitrary Code, Denial of Service (DoS) (HPSBUX00209 SSRT2316 rev.17)

s700800 11.04 VVOS libnssdns DNS backend patch : Potential buffer overflows in DNS resolver libraries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE27881. The text itself is copyright C Hewlett-Packard...

HP-UX PHNE_28449 : s700_800 11.00 Bind 4.9.7 components

s700800 11.00 Bind 4.9.7 components : The remote HP-UX host is affected by multiple vulnerabilities : - Potential buffer overflows in DNS resolver libraries. HPSBUX00233 SSRT2408 - Potential buffer overflows in DNS resolver libraries. HPSBUX00209 SSRT2316 %NASLMINLEVEL 70300 C Tenable Network...

HP-UX PHNE_29634 : s700_800 11.04 (VVOS) Bind 4.9.7 components

s700800 11.04 VVOS Bind 4.9.7 components : The remote HP-UX host is affected by multiple vulnerabilities : - Potential buffer overflows in DNS resolver libraries. HPSBUX00233 SSRT2408 - Potential buffer overflows in DNS resolver libraries. HPSBUX00209 SSRT2316 %NASLMINLEVEL 70300 C Tenable Networ...

CVE-2005-0226

Format string vulnerability in the LogResolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code...

linux_base -- vulnerabilities in Red Hat 7.1 libraries

Trevor Johnson reported that the Red Hat Linux RPMs used by linuxbase contained multiple older vulnerabilities, such as a DNS resolver issue and critical bugs in X font handling and XPM image handling...

CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...

CVE-2002-0651

CVE-2002-0651 relates to a buffer overflow in DNS resolver code used by libc, glibc, and libbind (originating from ISC BIND). Connected advisories describe that versions of ISC BIND upstream prior to 9.2.1 were vulnerable to a resolver buffer overflow which could be triggered by crafted DNS respo...

CVE-2002-1146

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary "read buffer...

CVE-2002-0651

Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers...

ISC BIND 9 Multiple DNS Resolver Functions Remote Overflow

Binary data 1002.prm...

ISC BIND < 4.9.5 Multiple DNS Resolver Functions Remote Overflow (deprecated)

Binary data 1008.prm...

SOL3284 - Buffer overflows in stub resolver libraries - CAN-2002-0029

The vulnerability described in this article has been resolved, or does not affect any F5 products. There will be no further updates, unless new information is discovered...