114 matches found
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
Code injection
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
UBUNTU-CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
CVE-2023-26249
Knot Resolver is affected by a DoS vulnerability (CVE-2023-26249) in versions prior to 5.6.0. The issue arises from insufficient input validation in the DNS translator, allowing a single client query to trigger many TCP reconnections (up to about a hundred attempts) when upstream servers close wi...
CVE-2023-26249
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response...
SUSE CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted rep...
CVE-2022-42982
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. The NTRIP sourcetable is typically quite long tens of kBs and can be requested with a packet of only 30 bytes. This presents a vector that can be used for UDP amplification attacks...
Denial Of Service
Scandium is vulnerable to Denial of Serivice. The DTLS stack is not implemented correctly, leading to an amplification attack using resumption handshakes...
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...
Design/Logic Flaw
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...
CVE-2021-4234
OpenVPN Access Server 2.10 and prior versions are susceptible to resending multiple packets in a response to a reset packet sent from the client which the client again does not respond to, resulting in a limited amplification attack...
CVE-2021-4234
OpenVPN Access Server 2.10 and earlier are affected by a vulnerability where the server resends multiple packets in response to a client-sent reset, which the client does not respond to, enabling a limited amplification attack. The issue is documented in CVE-2021-4234 with a HIGH impact on availa...
OpenVPN 安全漏洞
OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...
Record breaking HTTPS DDoS attack
Last week, Cloudflare blocked the largest HTTPS DDoS attack on record. The attack amassed some 26 million requests per second rps. The previous record for a HTTPS DDoS attack was 15.3 million rps. The attack targeted an unnamed Cloudflare customer and originated mostly from Cloud Service Provider...
“Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison
A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service DDoS attacks against hundreds of thousands of Internet users and websites. The user...
GHSA-GPXV-776P-7GC7 Jenkins vulnerable to UDP amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier supports two network discovery services UDP multicast/broadcast and DNS multicast by default. The UDP multicast/broadcast service can be used in an amplification reflection attack, as very few bytes sent to the respective endpoint result in much...
Mageia: Security Advisory (MGASA-2014-0052)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-23937
A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to...