Lucene search
K

12 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.69 views

K37661551: Unbound DNS Cache vulnerabilities CVE-2020-12662 and CVE-2020-12663

Security Advisory Description CVE-2020-12662 Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. CVE-2020-12663 Unbound before 1.10.1 has an infinite loop via malformed DNS answer...

7.5CVSS6.7AI score0.03588EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.262 views

pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities

According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...

7.8CVSS6.8AI score0.03588EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.39 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : unbound Multiple Vulnerabilities (NS-SA-2020-0079)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an NXNSAttack issue. This is triggered by random subdomains in the...

7.5CVSS6.7AI score0.03588EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.32 views

EulerOS 2.0 SP3 : unbound (EulerOS-SA-2020-2058)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted...

7.5CVSS6.8AI score0.03588EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.46 views

EulerOS 2.0 SP8 : unbound (EulerOS-SA-2020-1830)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue. This is triggered by random subdomains in...

7.5CVSS6.7AI score0.03588EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.46 views

NewStart CGSL MAIN 6.01 : unbound Multiple Vulnerabilities (NS-SA-2020-0037)

The remote NewStart CGSL host, running version MAIN 6.01, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This...

7.5CVSS6.8AI score0.03588EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/06/08 12:0 a.m.43 views

RHEL 8 : unbound (RHSA-2020:2418)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2418 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: amplification of an...

7.5CVSS6.9AI score0.03588EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2020/05/19 5:55 p.m.46 views

CVE-2020-12663

A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers are received from upstream servers. The highest threat from this vulnerability is to system availability...

5CVSS1.9AI score0.03588EPSS
Exploits0References3
EUVD
EUVD
added 2020/05/19 1:48 p.m.1 views

EUVD-2020-4962

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers...

7.5CVSS6.5AI score0.03588EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2020/05/19 11:0 a.m.32 views

CVE-2020-12663

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers...

7.5CVSS6.8AI score0.03588EPSS
Exploits0References3
n0where
n0where
added 2015/02/07 5:57 p.m.21 views

Collect DNS Records Passively: PassiveDNS

Collect DNS Records Passively A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2014/04/07 11:29 p.m.23 views

Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffes traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers...

7.2AI score
Exploits0References1
Rows per page
Query Builder