Lucene search
+L

1248 matches found

cvelist
cvelist
added 2013/03/04 9:0 p.m.24 views

CVE-2012-3411

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...

7.6AI score0.05028EPSS
Exploits0References11
amazon
amazon
added 2013/03/02 12:0 a.m.56 views

Medium: dnsmasq

Issue Overview: It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of...

5CVSS8.7AI score0.05028EPSS
Exploits0References1
nessus
nessus
added 2013/03/01 12:0 a.m.31 views

Scientific Linux Security Update : dnsmasq on SL6.x i386/x86_64 (20130221)

It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS...

5CVSS6.9AI score0.05028EPSS
Exploits0References2
centos
centos
added 2013/02/27 8:9 p.m.71 views

bind security update

CentOS Errata and Security Advisory CESA-2013:0550 Updated bind packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scorin...

7.1CVSS7.1AI score0.12036EPSS
Exploits1References7
openvas
openvas
added 2013/02/22 12:0 a.m.30 views

RedHat Update for dnsmasq RHSA-2013:0277-02

Check for the Version of dnsmasq OpenVAS Vulnerability Test RedHat Update for dnsmasq RHSA-2013:0277-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS7AI score0.05028EPSS
Exploits0References2
openvas
openvas
added 2013/02/22 12:0 a.m.37 views

RedHat Update for bind RHSA-2013:0550-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.1CVSS6.5AI score0.12036EPSS
Exploits1References3
nessus
nessus
added 2013/02/21 12:0 a.m.30 views

RHEL 6 : dnsmasq (RHSA-2013:0277)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0277 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. It was...

5CVSS7AI score0.05028EPSS
Exploits0References8
redhat
redhat
added 2013/02/20 4:19 p.m.6 views

libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...

5CVSS5.9AI score0.05028EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2013/02/20 12:0 a.m.4 views

PT-2013-1604 · Dnsmasq +3 · Dnsmasq +3

Name of the Vulnerable Software and Affected Versions: Dnsmasq versions prior to 2.63test1 Description: The issue allows remote attackers to cause a denial of service, specifically through traffic amplification, by sending a spoofed DNS query. This occurs when Dnsmasq is used with certain...

5CVSS8.4AI score0.05028EPSS
Exploits0References38
threatpost
threatpost
added 2012/10/24 3:21 p.m.14 views

Attackers Turn to Open DNS Resolvers to Amplify DDoS Attacks

Although DDoS attacks have been a serious problem for more than a decade now and security staffs have a good handle on how they’re executed and how to handle them, attackers constantly adjust their tactics in order to defeat the best defenses available. One of the more recent tactics adopted by...

1.5AI score
Exploits0References2
threatpost
threatpost
added 2012/08/15 2:31 p.m.9 views

Researchers Find Flaw in Dirt Jumper Bot

A team of researchers has discovered a weakness in the command-and-control infrastructure of one of the major DDoS toolkits, Dirt Jumper, that enables them to stop attacks that are in progress. The discovery gives the researchers the ability to access the back-end servers that control the attack...

0.4AI score
Exploits0References4
threatpost
threatpost
added 2012/08/14 2:8 a.m.12 views

WikiLeaks Back Online after Sustained DDoS Attack

The controversial document-sharing site WikiLeaks was back online Monday evening after sustaining a week-long distributed denial-of-service attack. The organization apparently received some extra capacity and assistance from Web performance and security firm Cloudfare to counter the 10 gigabits p...

7.1AI score
Exploits0References5
securityvulns
securityvulns
added 2012/04/02 12:0 a.m.122 views

Quake 3 / ioquake3 traffic amplification vulnerability

Source of getstatus UDP message is not checked...

7.8CVSS2.3AI score0.0211EPSS
Exploits0References1Affected Software4
securityvulns
securityvulns
added 2012/04/02 12:0 a.m.60 views

Traffic amplification via Quake 3-based servers

It has been discovered that spoofed "getstatus" UDP requests are being used by attackers0123 to direct status responses from multiple Quake 3-based servers to a victim, as a traffic amplification mechanism for a denial of service attack on that victim. Open-source games derived from the Quake 3...

1.9AI score
Exploits0
debian
debian
added 2012/03/31 11:43 a.m.44 views

[SECURITY] [DSA 2442-2] openarena regression

------------------------------------------------------------------------- Debian Security Advisory DSA-2442-2 [email protected] http://www.debian.org/security/ Florian Weimer March 31, 2012 http://www.debian.org/security/faq -...

7.8CVSS5.7AI score0.0211EPSS
Exploits0
osv
osv
added 2012/03/31 12:0 a.m.9 views

DSA-2442-2 openarena - UDP traffic amplification

Bulletin has no description...

7.2AI score
Exploits0
nessus
nessus
added 2012/03/27 12:0 a.m.35 views

Debian DSA-2442-2 : openarena - UDP traffic amplification

It has been discovered that spoofed 'getstatus' UDP requests are being sent by attackers to servers for use with games derived from the Quake 3 engine such as openarena. These servers respond with a packet flood to the victim whose IP address was impersonated by the attackers, causing a denial of...

7.8CVSS5.3AI score0.0211EPSS
Exploits0References4
debian
debian
added 2012/03/26 8:5 p.m.32 views

[SECURITY] [DSA 2442-1] openarena security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2442-1 [email protected] http://www.debian.org/security/ Florian Weimer March 26, 2012 http://www.debian.org/security/faq -...

7.8CVSS5.9AI score0.0211EPSS
Exploits0
osv
osv
added 2012/03/26 12:0 a.m.16 views

DSA-2442-1 openarena - UDP traffic amplification

Bulletin has no description...

7.8CVSS6AI score0.0211EPSS
Exploits0
nessus
nessus
added 2012/01/16 12:0 a.m.36 views

FreeBSD : Multiple implementations -- DoS via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d)

oCERT reports : A variety of programming languages suffer from a denial-of-service DoS condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue finds particul...

7.8CVSS7.1AI score0.0436EPSS
Exploits3References7
Rows per page
Query Builder