24 matches found
Exploit for Heap-based Buffer Overflow in Microsoft
CVE-2026-41096 - Crash PoC Heap overflow in DnsRawTruncateMe...
CVE-2026-27853 Out-of-bounds write when rewriting large DNS packets
An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535...
CVE-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
CVE-2026-4437
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
Important: bind
Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...
GO-2025-3415 DoS in Cilium agent DNS proxy from crafted DNS responses in github.com/cilium/cilium
DoS in Cilium agent DNS proxy from crafted DNS responses in github.com/cilium/cilium...
CVE-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...
CVE-2025-23028 DoS in Cilium agent DNS proxy from crafted DNS responses
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an...
CVE-2025-23028
Cilium DoS (CVE-2025-23028): A crafted DNS response can crash Cilium agents in clusters proxying DNS traffic, affecting versions 1.14.0–1.14.7, 1.15.0–1.15.11, and 1.16.0–1.16.4. Impact varies by DNS policy: traffic allowed without DNS-based policy continues; DNS-policyed connections may be disru...
CLSA-2023-1700160963 Fix CVE(s): CVE-2023-42117, CVE-2023-42119
SECURITY UPDATE: Remote code execution because of improper neutralization of special elements - debian/patches/CVE-2023-42117.patch: fix stringisipaddress - CVE-2023-42117 SECURITY UPDATE: dnsdb out-of-bounds read information disclosure - debian/patches/CVE-2023-42119.patch: harden dnsdb against...
SUSE CVE-2015-5986
openpgpkey61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a crafted DNS response...
EulerOS 2.0 SP8 : openldap (EulerOS-SA-2020-1169)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the...
Code injection
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with crafted DNS responses...
CVE-2003-1579
Sun ONE aka iPlanet Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing...
CVE-2003-1580
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-lev...
CVE-2003-1578
Sun ONE aka iPlanet Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning...
CVE-2003-1578
Sun ONE aka iPlanet Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning...
CVE-2003-1579
Sun ONE aka iPlanet Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing...
CVE-2003-1580
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-lev...
CVE-2003-1578
The CVE-2003-1578 entry concerns Sun ONE (iPlanet) Web Server 4.1–SP12 and 6.0–SP5 when DNS resolution is enabled for client IPs. The underlying issue, described as an Inverse Lookup Log Corruption (ILLC) vulnerability, allows remote attackers to hide HTTP requests from the log-preview functional...