730 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Unbound vulnerabilities (USN-7666-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7666-1 advisory. Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use th...
USN-7666-1 unbound vulnerabilities
Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...
USN-7666-1: Unbound vulnerabilities
Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...
SUSE CVE-2025-30192
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter...
DEBIAN-CVE-2025-30192
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter...
UBUNTU-CVE-2025-30192
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter...
CVE-2025-30192
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter...
PowerDNS Recursor 安全漏洞
PowerDNS Recursor pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor versions 5.0.10, 5.1.4, and 5.2.2 and above, which stems from the fact that spoofing attempts for ECS-enabled queries have a higher chance of...
CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
FreeBSD : unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack (e27ee4fc-cdc9-45a1-8242-09898cdbdc91)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e27ee4fc-cdc9-45a1-8242-09898cdbdc91 advisory. [email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has be...
UBUNTU-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
ISC BIND Cache-Poisoning Vulnerability (CVE-2025-40776, Birthday Attack) - Linux
ISC BIND is prone to a cache-poisoning vulnerability Birthday Attack against Resolvers supporting ECS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
SUSE CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
SUSE CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
DEBIAN-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
ALPINE-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
CVE-2025-5994 describes a rebirthday cache-poisoning risk in ECS-enabled caching resolvers. Affected product: Unbound (if built with ECS support and configured to send ECS data upstream). Root cause: need to segregate outgoing queries by ECS info; otherwise an attacker could exploit DNS transacti...