7 matches found
Mandriva Linux Security Advisory : bind (MDVSA-2008:139)
A weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e. for web and email traffic CVE-2008-1447. This update provides the latest stable BIND release...
Gentoo Security Advisory GLSA 200901-03 (pdnsd)
The remote host is missing updates announced in advisory GLSA 200901-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
pdnsd: Denial of Service and cache poisoning
Background pdnsd is a proxy DNS server with permanent caching that is designed to cope with unreachable DNS servers. Description Two issues have been reported in pdnsd: The pexecquery function in src/dnsquery.c does not properly handle many entries in the answer section of a DNS reply, related to...
CVE-2008-4194
CVE-2008-4194 affects pdnsd, a persistent DNS proxy/cache. The vulnerability is in the p_exec_query() function (src/dns_query.c) and arises when handling large DNS replies that contain many entries in the answer section, described as a “dangling pointer bug.” This can allow remote attackers to tr...
CVE-2008-4194
creationtimestamp| type| source ---|---|--- 2008-07-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6122 2008-07-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6123 2008-07-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6130...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : bind9 vulnerability (USN-622-1)
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic. Note that Tenable Network Security has extracted the preceding...
Solaris 9 (x86) : 114265-23
SunOS 5.9x86: in.dhcpd libresolv and BIND. Date this patch was last updated by Sun : Jul/21/11 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...