12 matches found
K37661551: Unbound DNS Cache vulnerabilities CVE-2020-12662 and CVE-2020-12663
Security Advisory Description CVE-2020-12662 Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. CVE-2020-12663 Unbound before 1.10.1 has an infinite loop via malformed DNS answer...
pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities
According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...
NewStart CGSL CORE 5.04 / MAIN 5.04 : unbound Multiple Vulnerabilities (NS-SA-2020-0079)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an NXNSAttack issue. This is triggered by random subdomains in the...
EulerOS 2.0 SP3 : unbound (EulerOS-SA-2020-2058)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted...
EulerOS 2.0 SP8 : unbound (EulerOS-SA-2020-1830)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue. This is triggered by random subdomains in...
NewStart CGSL MAIN 6.01 : unbound Multiple Vulnerabilities (NS-SA-2020-0037)
The remote NewStart CGSL host, running version MAIN 6.01, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This...
RHEL 8 : unbound (RHSA-2020:2418)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2418 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: amplification of an...
CVE-2020-12663
A flaw was found in unbound in versions prior to 1.10.1. An infinite loop can be created when malformed DNS answers are received from upstream servers. The highest threat from this vulnerability is to system availability...
EUVD-2020-4962
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers...
CVE-2020-12663
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers...
Collect DNS Records Passively: PassiveDNS
Collect DNS Records Passively A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can...
Passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics. PassiveDNS sniffes traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers...