EUVD-2008-4373

Malware in sbrugna...

pqc_kyber KyberSlash: division timings depending on secrets

Various Kyber software libraries in various environments leak secret information into timing, specifically because these libraries include a line of code that divides a secret numerator by a public denominator, the number of CPU cycles for division in various environments varies depending on the...

Ubuntu 14.04 LTS / 16.04 LTS : GnuPG vulnerability (USN-3733-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3733-1 advisory. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom...

Petya of Salsa: a modified algorithm to bring the defect-vulnerability warning-the black bar safety net

Previously the Hubble analysis of the system describes about the modified MBR for disk encryption extortion Trojan Petya's. Recently Leo Stone gives crack Petya key full blasting code and decrypt tool, and noted that Petya author is using a variant of the Salsa20 algorithm to perform key...

CVE-2012-1191

The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names"...

CVE-2012-1191

CVE-2012-1191 affects the dns resolver in djbdns’s dnscache (version 1.05). The vulnerability arises when processing an A record response, where the resolver overwrites cached NS record names and TTLs, enabling a ghost-domain names attack that can keep revoked domains resolvable. The issue is doc...

DSA-1831-1 djbdns - privilege escalation

Bulletin has no description...

CVE-2009-0858

The responseaddname function in response.c in Daniel J. Bernstein djbdns 1.05 and earlier does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary record...

Code injection

dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority SOA query...

CVE-2008-4392

CVE-2008-4392 concerns the dns cache in the Berkeley dnscache (djbdns 1.05) where concurrent identical outbound DNS queries are not prevented. This can allow remote attackers to spoof DNS responses, demonstrated by a spoofed A record in an SOA response. Connected sources (Nessus/OpenVAS/Fedora ad...