CVE-2019-5174

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted...

CVE-2020-3174

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

CVE-2017-14495

A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations using one of the...

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

Design/Logic Flaw

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

CVE-2019-6468 BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

CVE-2019-6469

An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

CVE-2019-6468

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

CVE-2019-6469

CVE-2019-6469 concerns an error in the EDNS Client Subnet (ECS) feature in BIND’s recursive resolvers. A malformed RRSIG in a response can trigger an assertion failure, causing BIND to exit. Affected versions are BIND 9.10.5-S1 through 9.11.6-S1 (BIND 9 Supported Preview Edition). The issue is ti...

How to change subnet mask of NSIP on NetScaler

How to change the subnet mask of NetScaler management IP address when not using Clustering...

LetsMapYourNetwork - Tool To Visualise Your Physical Network In Form Of Graph With Zero Manual Error

It is utmost important for any security engineer to understand their network first before securing it and it becomes a daunting task to have a ‘true’ understanding of a widespread network. In a mid to large level organisation’s network having a network architecture diagram doesn’t provide the...

PT-2019-3096 · D Link · D-Link Dir-825Ac G1

Name of the Vulnerable Software and Affected Versions: D-link DIR-825AC G1 versions affected versions not specified Description: The issue is related to insufficient compartmentalization between a host network and a guest network established by the same device. These devices forward ARP requests...

How to Provide Secure Access to AWS Workloads

In the last two posts, we covered the security fundamentals to migrate to the Cloud and the 10 best practices to secure workloads. In this third post, we will talk about securing access to your AWS workloads. To Live Happy, Live Hidden In a traditional model, you need to somehow open your cloud...

ISC BIND 9.10.5-S1 <= 9.11.6-S1 EDNS Client Subnet RRSIG Denial of Service

The version of ISC BIND Supported Preview Edition running on the remote host is version 9.10.5-S1 through 9.11.6-S1. It is, therefore, affected by an error related to handling RRSIG data that allows an attacker to crash the application if the EDNS Client Subnet ECS feature is enabled. C Tenable...

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted DNS packets to cause the addpseudoheader function to allocate memory that is never freed, consuming excessive memory on the target system which leads application to crash.This issue only affects...

Denial Of Service (DoS)

dnsmasq is vulnerable to denial of serviceDoS attacks. A remote user could send specially crafted DNS packets to trigger an integer underflow and subsequent buffer over-read error in the EDNS0 code and cause the target service to crash. This issue only affects configurations using one of the...

CVE-2018-20503

Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4interface.php vlanid or subnetmask parameter...

ISC BIND 9.10.5-S1 < 9.11.5-S6 Assertion Failure Vulnerability

ISC BIND versions 9.11.5-S5 and earlier are affected by an error in the nxdomain-redirect feature in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. C Tenable...