7 matches found
Fedora 17 : ndjbdns-1.05.5-1.fc17 (2012-20967)
This fixes two of the cache poisoning issue in the DNS resolver - dnscache. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
Fedora Update for ndjbdns FEDORA-2012-20967
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
djbdns dnscache SOA请求远程缓存中毒漏洞
BUGTRAQ ID: 33818 CVECAN ID: CVE-2008-4392 djbdns是一个由Qmail的作者所设计的轻量级DNS server。 djbdns的dnscache服务组件没有正确地处理SOA记录,如果远程攻击者持续的向服务器发送大量的SOA请求和伪造回复,就会增加DNS缓存投毒攻击的成功概率。 D. J. Bernstein djbdns 1.05 厂商补丁: D. J. Bernstein --------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2008-4392
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority SOA query...
CVE-2008-4392
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority SOA query...
CVE-2008-4392
CVE-2008-4392 concerns the dns cache in the Berkeley dnscache (djbdns 1.05) where concurrent identical outbound DNS queries are not prevented. This can allow remote attackers to spoof DNS responses, demonstrated by a spoofed A record in an SOA response. Connected sources (Nessus/OpenVAS/Fedora ad...
CVE-2008-4392
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority SOA query...