EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2020-1637)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order...

BIND -- Remote Denial of Service vulnerability

ISC reports: An assertion check in BIND that is meant to prevent going beyond the end of a buffer when processing incoming data can be incorrectly triggered by a large response during zone transfer...

BIND -- Remote Denial of Service vulnerability

ISC reports: The asterisk character "" is allowed in DNS zone files, where it is most commonly present as a wildcard at a terminal node of the Domain Name System graph. However, the RFCs do not require and BIND does not enforce that an asterisk character be present only at a terminal node. A...

EulerOS 2.0 SP2 : bind (EulerOS-SA-2020-1676)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can,...

UBUNTU-CVE-2020-8618

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...

F5 Networks BIG-IP : BIND vulnerability (K05544642)

Using a specially crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration doe...

QEMU < 5.0.1 DoS Vulnerability

QEMU is prone to a denial of service DoS vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

DEBIAN-CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

Authentication flaw

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

CVE-2020-10761

CVE-2020-10761 affects the Network Block Device (NBD) Server in all QEMU versions before 5.0.1. A remote nbd-client sending a spec-compliant request near the maximum permitted length can trigger an assertion failure, crashing the qemu-nbd server and causing a denial of service. The issue is roote...

CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the...

CVE-2020-10761

An assertion failure issue was found in the Network Block DeviceNBD Server of the QEMU. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting ...

CentOS 6 : bind (RHSA-2020:2383)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2383 advisory. - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can,...

RHEL 8 : bind (RHSA-2020:2404)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2404 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reac...

Open-Xchange: Panic in file smtp-address.c: line 684 (smtp_address_write): assertion failed: (smtp_char_is_qpair(*p))

Reproducer is running test suite against file crash2.txt and getting following output : ./src/testsuite/testsuite crash2.txt Test case: crash2.txt: testsuitecatena: Panic: file smtp-address.c: line 684 smtpaddresswrite: assertion failed: smtpcharisqpairp Abort trap: 6 Content or crash2.txt is...