16 matches found
Astra Linux – Vulnerability in connman
ConnMan also known as Connection Manager versions 1.30 to 1.39 have a stack-based buffer overflow issue in the uncompress function of dnsproxy.c, occurring due to the use of NAME, RDATA, or RDLENGTH fields for the A or AAAA records...
EUVD-2008-3162
Malware in sbrugna...
EUVD-2021-20507
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames. CVE-2018-1043 Note that Nessus relies on the presence of the...
SUSE CVE-2021-33833
ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA...
Dnssearch - A Subdomain Enumeration Tool
This software is a subdomain enumeration tool. Purpose dnssearch takes an input domain -domain parameter and a wordlist -wordlist parameter , it will then perform concurrent DNS requests using the lines of the wordlist as sub domains eventually bruteforcing every sub domain available on the top...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...
CVE-2019-10162
PowerDNS Authoritative Server vulnerability CVE-2019-10162 affects versions prior to 4.1.10 and 4.0.8. An authorized user can cause the server to terminate by inserting a crafted MASTER zone record, triggered when the server parses NS/A/AAAA data for an outgoing NOTIFY. The issue is tied to how p...
Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques
By Danny Adamitis with contributions from Paul Rascagneres. Executive summary After several months of activity, the actors behind the "Sea Turtle" DNS hijacking campaign are not slowing down. Cisco Talos recently discovered new details that suggest they regrouped after we published our initial...
Moodle 3.x Bypass Vulnerability (Jan 2018) - Linux
Setting for blocked hosts list can be bypassed with multiple A record hostnames. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-15650
musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dnsparsecallback in network/lookupname.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query...
PT-2017-4088 · Musl +2 · Musl Libc +2
Name of the Vulnerable Software and Affected Versions: musl libc versions prior to 1.1.17 Description: The issue is related to a buffer overflow in the dns parse callback function in network/lookup name.c, which does not restrict the number of addresses. This allows an attacker to provide an...
Debian Security Advisory DSA 1515-1 (libnet-dns-perl)
The remote host is missing an update to libnet-dns-perl announced via advisory DSA 1515-1. OpenVAS Vulnerability Test $Id: deb15151.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1515-1 libnet-dns-perl Authors: Thomas Reinke Copyright: Copyright c 2008...
Debian: Security Advisory (DSA-1515-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1515-1 : libnet-dns-perl - several vulnerabilities
Several remote vulnerabilities have been discovered in libnet-dns-perl. The Common Vulnerabilities and Exposures project identifies the following problems : It was discovered that libnet-dns-perl generates very weak transaction IDs when sending queries CVE-2007-3377 . This update switches...
DSA-1515-1 libnet-dns-perl - several vulnerabilities
Bulletin has no description...