Lucene search
+L

8 matches found

euvd
euvd
added 2026/06/12 2:33 p.m.10 views

EUVD-2026-36489

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

8.7CVSS5.3AI score0.00292EPSS
Exploits0References3
github
github
added 2026/06/08 11:2 p.m.14 views

Netty has Insufficient Bailiwick Validation for NS Records

Summary Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name server for a subdomain can poison the cache for parent domains like .co.uk. Details In...

10CVSS5.5AI score0.00292EPSS
Exploits0References13Affected Software1
veracode
veracode
added 2020/08/06 9:34 p.m.38 views

Amplification Attacks

PowerDNS Recursor is vulnerable toamplification attacks. It does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafte...

7.5CVSS4.5AI score0.04372EPSS
Exploits0References8Affected Software1
prion
prion
added 2020/05/19 5:15 p.m.28 views

Design/Logic Flaw

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted rep...

5CVSS7.4AI score0.04372EPSS
Exploits0References6Affected Software5
freebsd
freebsd
added 2020/05/19 12:0 a.m.69 views

powerdns-recursor -- multiple vulnerabilities

PowerDNS Team reports: CVE-2020-10995: An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between...

8.8CVSS3.4AI score0.23889EPSS
Exploits0References1
thn
thn
added 2013/04/24 3:50 p.m.14 views

Who Needs a Botnet when you have a 4 Gbps DDoS Cannon?

In recent months the DDoS world has shifted from complex small scale Botnet attacks to much larger network based DDoS attacks, perpetrated largely by hijacked web servers. How many of these hijacked servers are out there remains to be seen. However, Incapsula recently got a very good idea of just...

6.6AI score
Exploits0
thn
thn
added 2013/04/24 4:50 a.m.11 views

Who Needs a Botnet when you have a 4 Gbps DDoS Cannon?

In recent months the DDoS world has shifted from complex small scale Botnet attacks to much larger network based DDoS attacks, perpetrated largely by hijacked web servers. How many of these hijacked servers are out there remains to be seen. However, Incapsula recently got a very good idea of just...

6.6AI score
Exploits0
threatpost
threatpost
added 2013/03/20 9:51 p.m.14 views

Cautious Optimism over Google DNSSEC Deployment

Google’s announcement that its Google Public DNS resolution service now supports DNSSEC is being applauded, but experts caution that despite Google’s high profile, this only puts a slight dent in a larger issue. “I think it’s great that Google is getting involved and supporting validation for...

6.9AI score
Exploits0
Rows per page
Query Builder