13 matches found
USN-8349-2: rsync regression
USN-8349-1 fixed vulnerabilities in rsync. The update introduced multiple regressions in rsync functionality. This update fixes the problem. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : rsync vulnerabilities (USN-8349-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8349-1 advisory. Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote...
EEF-CVE-2026-42790 nameConstraints DNS bypass via subject CommonName fallback in public_key hostname verification
Summary Improper Certificate Validation vulnerability in Erlang OTP public\key pubkey\cert and public\key modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted...
CVE-2025-6432
When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox 140 and Thunderbird 140...
Astra Linux – Vulnerability in Firefox
When Multi-Account Containers was enabled, DNS requests could bypass a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
The vulnerability of the Security Intelligence channel function in Cisco Firepower Threat Defense’s microprogramming-based network interface devices allows attackers to bypass the DNS channel of Security Intelligence.
The vulnerability of the Security Intelligence channel function in Cisco Firepower Threat Defense’s microprogramming system is related to the improper processing of unexpected data types. Exploiting this vulnerability can allow a malicious actor to bypass the Security Intelligence DNS channel by...
CVE-2020-0028
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
Cloudcheck - Checks Using A Test String If A Cloudflare DNS Bypass Is Possible Using CloudFail
Cloudcheck is made to be used in the same folder as CloudFail. Make sure all files in this repo are in the same folder before using. Also create a empty text file called none.txt in the data folder, that way it doesn't do a subdomain brute when testing. Cloudcheck will automatically change your...
Open redirect
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c an...
Let the administrator help you restart the server-the vulnerabilities and early warning-the black bar safety net
Go from: http://www.darkst.com/bbs/thread-38959-1-1.html Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what to do? Allow administrator to help us restar...
OpenSSH < 3.6.2 Reverse DNS Lookup Bypass
According to its banner, the remote host appears to be running OpenSSH-portable version 3.6.1 or older. There is a flaw in such version that could allow an attacker to bypass the access controls set by the administrator of this server. OpenSSH features a mechanism that can restrict the list of...
CVE-2002-0804
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname...