Lucene search
K

85 matches found

OSV
OSV
added 2023/08/22 12:0 a.m.31 views

CVE-2022-48063

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function loadseparatedebugfiles at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

5.5CVSS9.5AI score0.00483EPSS
Exploits1References5
CVE
CVE
added 2023/08/22 12:0 a.m.173 views

CVE-2022-48063

The connected sources confirm CVE-2022-48063 affects GNU Binutils prior to 2.40. The vulnerability is an excessive memory consumption issue in the load_separate_debug_files function (dwarf2.c). An attacker could create a crafted ELF file to trigger a DNS-based denial of service. Impact is limited...

5.5CVSS6AI score0.00483EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/08/22 12:0 a.m.194 views

CVE-2022-48064

CVE-2022-48064 affects GNU Binutils up to version 2.40, where an excessive memory consumption vulnerability in bfd_dwarf2_find_nearest_line_with_alt (dwarf2.c) can be triggered by a crafted ELF file, enabling a remote attacker to cause a DNS attack. IBM/Red Hat/Amazon advisories indicate this req...

5.5CVSS6AI score0.0059EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2023/08/22 12:0 a.m.36 views

CVE-2022-48064

GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfddwarf2findnearestlinewithalt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack...

5.5CVSS6.1AI score0.0059EPSS
Exploits1
Kitploit
Kitploit
added 2023/07/19 12:30 p.m.118 views

Network_Assessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the network you monitor. This Python script analyzes network traffic in a given .pcap file and attempts to detect the following suspicious network activities and attack...

7.1AI score
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.67 views

K09604370: Linux kernel vulnerability CVE-2020-25705

Security Advisory Description A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this...

7.4CVSS7AI score0.06692EPSS
Exploits1Affected Software15
F5 Networks
F5 Networks
added 2022/12/29 1:30 a.m.105 views

K41440465: BIG-IP TMM vulnerability CVE-2022-26071

Security Advisory Description A flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel TMM allows an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. CVE-2022-26071 Impact A...

7.5CVSS7.4AI score0.01002EPSS
Exploits0Affected Software15
CNNVD
CNNVD
added 2022/08/17 12:0 a.m.1 views

GNU Binutils 资源管理错误漏洞

GNU Binutils is a set of tools for working with binary files. A resource management error vulnerability exists in GNU Binutils, which stems from the function bfddwarf2findnearestlinewithalt in dwarf2.c containing an excessive memory consumption vulnerability that can be exploited by an attacker t...

5.5CVSS6.7AI score0.0059EPSS
Exploits1References8
The Hacker News
The Hacker News
added 2021/11/19 5:38 a.m.73 views

New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks

Researchers have demonstrated yet another variant of the SAD DNS cache poisoning attack that leaves about 38% of the domain name resolvers vulnerable, enabling attackers to redirect traffic originally destined to legitimate websites to a server under their control. "The attack allows an off-path...

6.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/03/19 12:0 a.m.99 views

F5 Networks BIG-IP : Linux kernel vulnerability (K09604370)

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...

7.4CVSS7.1AI score0.06692EPSS
Exploits1References2
HackRead
HackRead
added 2020/11/26 3:45 a.m.48 views

GoDaddy employees tricked in attack against cryptocurrency firms

By Deeba Ahmed Earlier this month, hackers targeted GoDaddy customers to modify the DNS settings of at least two cryptocurrency website. Here's what happened. This is a post from HackRead.com Read the original post: GoDaddy employees tricked in attack against cryptocurrency firms...

2.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/13 7:12 a.m.187 views

SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

A group of academics from the University of California and Tsinghua University has uncovered a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks. Dubbed "SAD DNS attack" short for Side-channel AttackeD DNS, the technique makes it possible for a maliciou...

7.4CVSS7.3AI score0.06692EPSS
Exploits1
NVD
NVD
added 2019/10/29 7:15 p.m.45 views

CVE-2019-3979

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's...

7.5CVSS7.7AI score0.00917EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/28 9:33 p.m.43 views

CVE-2019-3979

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router's...

7.6AI score0.00917EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2019/05/08 4:0 p.m.123 views

When "Customers" Attack DNS

Be real. A Communications Service Provider's CSP's customer will not use their home to attack the Domain Name System DNS. They might as well unplug from the Internet. Yet, customers get infected, CPEs get violated, and miscreants all over the Internet reflect attacks off CSP customers to attack...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2014/11/24 5:11 p.m.9 views

Craigslist Back Online Following DNS Hijack

The popular classifieds website Craigslist is back online today following a DNS attack that forced it offline for several hours Sunday evening. According to a blogpost Sunday night by Craigslist’s CEO Jim Buckmaster, DNS records maintained at one of Craigslist’s domain registrars were compromised...

1.4AI score
Exploits0References1
Hacker One
Hacker One
added 2013/12/04 2:17 p.m.74 views

Internet Bug Bounty: TLS Virtual Host Confusion

I am a security researcher at INRIA Paris in team PROSECCO http://prosecco.inria.fr We have been investigating a new class of attacks against the deployment of TLS on the Web. The main idea behind these attacks is that when two servers host different domains but share the same certificate which...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2013/08/28 5:52 p.m.11 views

New York Times, Twitter and Huffington Post Domains hijacked by Syrian Electronic Army

Media companies including the New York Times, Twitter and the Huffington Post has been unavailable since Tuesday after the external malicious attack by a group of hackers supporting Syrian President Bashar Assad. For the second time this month, the New York Times' website has gone down. "The New...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/11/27 10:55 a.m.7 views

Go Daddy Sites Serve Up Ransomware Malware

Domain name registrar and website hosting provider Go Daddy is responding to a DNS attack targeting a "small number" of its hosted websites that one security firm said is enabling cyber criminals to spread ransomware. The DNS Domain Name System is what transfers host-names into IP addresses,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2011/09/06 11:12 p.m.15 views

Cyberwar between Israel and Turkish Hacker

Cyberwar between Israel and Turkish Hacker Turkish hacker "TurkGuvenligi" hijacked some 350 Israeli websites on Sunday evening, launching a Domain Name System DNS attack on at least seven high-profile websites including The Telegraph, Acer, National Geographic, UPS and Vodafone as well. Visitors ...

6.9AI score
Exploits0
Rows per page
Query Builder