Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.4 views

Fedora 41 : dnsdist (2024-73b41ae8e5)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-73b41ae8e5 advisory. Update to latest upstream Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

7.5CVSS5.5AI score0.01078EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/15 12:0 a.m.12 views

FreeBSD : dnsdist -- Transfer requests received over DoH can lead to a denial of service (f2d8342f-1134-11ef-8791-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f2d8342f-1134-11ef-8791-6805ca2fa271 advisory. - When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to...

7.5CVSS5.6AI score0.01078EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:5 p.m.1 views

DEBIAN-CVE-2024-25581

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS5.3AI score0.01078EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:5 p.m.14 views

CVE-2024-25581

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS7.5AI score0.01078EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/13 11:49 a.m.13 views

CVE-2024-25581 Transfer requests received over DoH can lead to a denial of service in DNSdist

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS7.3AI score0.01078EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/05/13 11:49 a.m.22 views

CVE-2024-25581

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS7.4AI score0.01078EPSS
Exploits0
OSV
OSV
added 2024/05/13 11:49 a.m.14 views

CVE-2024-25581 Transfer requests received over DoH can lead to a denial of service in DNSdist

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS7.1AI score0.01078EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/05/13 11:49 a.m.45 views

CVE-2024-25581

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer AXFR or IXFR over DNS over HTTPS, causing the process to stop...

7.5CVSS7.4AI score0.01078EPSS
Exploits0
CVE
CVE
added 2024/05/13 11:49 a.m.75 views

CVE-2024-25581

DNSDIST vulnerability CVE-2024-25581: When DNS over HTTPS is enabled (nghttp2 provider) and queries are routed to a tcp-only or DoT backend, an attacker can trigger an assertion failure by requesting a zone transfer (AXFR/IXFR) over DoH, causing the process to crash and a DoS. DoH is not enabled ...

7.5CVSS7.3AI score0.01078EPSS
Exploits0References2
Rows per page
Query Builder