PT-2023-20163 · Unknown +6 · Gss-Ntlmssp +6
Name of the Vulnerable Software and Affected Versions: GSS-NTLMSSP versions prior to 1.2.0 Description: The issue is related to an incorrect free when decoding target information, which can trigger a denial of service. This occurs because the error condition incorrectly assumes the cb and sh...
Debian dla-3315 : libsox-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3315 advisory. Debian LTS Advisory DLA-3315-1 [email protected]...
EulerOS 2.0 SP8 : mariadb (EulerOS-SA-2023-1327)
According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. CVE-2022-32082 - In MariaDB...
Denial Of Service (DoS)
avahi is vulnerable to Denial of Service (DoS) attacks. A reachable assertion is present in the avahi_s_host_name_resolver_start function, allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames...
Fedora 36 : bind / bind-dyndb-ldap (2023-a3d608daf4)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a3d608daf4 advisory. - Release notes Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2023-1280)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS Virtualization 3.0.2.2 : openldap (EulerOS-SA-2023-1280)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd...
K000132268: BIND vulnerability CVE-2022-3924
Security Advisory Description This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding...
CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
AZL-13227 CVE-2022-3924 affecting package bind for versions less than 9.16.37-2
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
DEBIAN-CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
ALPINE-CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
CVE-2022-3924
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
Design/Logic Flaw
This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clien...
Design/Logic Flaw
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such a...
[slackware-security] bind
New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.16.37-i586-1slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: An UPDATE message flood could caus...
CVE-2022-3488
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such a...
ISC BIND 9.16.12 < 9.16.37 / 9.16.12-S1 < 9.16.37-S1 / 9.18.0 < 9.18.11 / 9.19.0 < 9.19.9 Assertion Failure (cve-2022-3924)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3924 advisory. - This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option...
Fedora 37 : redis (2023-fbfe7a6cfe)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fbfe7a6cfe advisory. Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023 Security Fixes: CVE-2022-35977 Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can...
ISC BIND 9.11.4-S1 < 9.16.37-S1 / 9.16.8-S1 < 9.16.37-S1 Assertion Failure (cve-2022-3488)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2022-3488 advisory. - Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is...