CVE-2022-33989

dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

EUVD-2013-1174

Malware in sbrugna...

CVE-2024-1226 Multiple vulnerabilities in Rejetto's Http File Server

The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...

DNS Cache Poisoning

graylog2-server is vulnerable to DNS Cache Poisoning. The vulnerability exists because the library uses a single source port for DNS queries, leading to cache poisoning attacks...

CVE-2023-26125

A flaw was found in Gin-Gonic Gin. This flaw allows a remote attacker to bypass security restrictions caused by improper input validation. An attacker can perform cache poisoning attacks by sending a specially-crafted request using the X-Forwarded-Prefix header. Mitigation Mitigation for this iss...

K15748: BIND vulnerability CVE-2010-0290

Security Advisory Description Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by...

USN-5090-4: Apache HTTP Server regression

USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote...

SUSE: Security Advisory (SUSE-SU-2021:14603-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

dnsmasq -- cache poisoning vulnerability in certain configurations

Simon Kelley reports: In configurations where the forwarding server address contains an @ character for specifying a sending interface or source address, the random source port behavior was disabled, making cache poisoning attacks possible. This only affects configurations of the form...

MGASA-2021-0059 Updated dnsmasq packages fix security vulnerability

Multiples vulnerabilities have been discovered in dnsmasq up to version 2.82: - subtle errors in dnsmasq's protections against cache-poisoning attacks CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686 - buffer overflow in dnsmasq's DNSSEC code CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 and...

OPENSUSE-SU-2021:0129-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: - bsc1177077: Fixed DNSpooq vulnerabilities - CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. - CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows...

OPENSUSE-SU-2021:0124-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: - bsc1177077: Fixed DNSpooq vulnerabilities - CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. - CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows...

SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2021:0163-1)

This update for dnsmasq fixes the following issues : bsc1177077: Fixed DNSpooq vulnerabilities CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when...

SUSE-SU-2021:0162-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: - bsc1177077: Fixed DNSpooq vulnerabilities - CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. - CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows...

dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities

Simon Kelley reports: There are broadly two sets of problems. The first is subtle errors in dnsmasq's protections against the chronic weakness of the DNS protocol to cache-poisoning attacks; the Birthday attack, Kaminsky, etc.... the second set of errors is a good old fashioned buffer overflow in...

Authorization Bypass

squid is vulnerable to authorization bypass. The vulnerability exists as it is possible to bypass same-origin restrictions, and also possible to conduct cache-poisoning attacks...

CVE-2017-10874

PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote attackers to conduct DNS cache poisoning attacks...

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Security: Added HTTP "Host" header character validation to prevent cache poisoning attacks when baseurl auto-detection is used. Security: Added FSCommand and seekSegmentTime to the "evil attributes" list in CISecurity::xssclean...

Authentication flaw

The Location Bandwidth Manager LBM Intracluster-communication feature in Cisco Unified Communications Manager CUCM 9.x before 9.11 does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause ...

Cross site request forgery (csrf)

Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request...