7 matches found
AlmaLinux 10 : bind (ALSA-2026:24338)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24338 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...
AZL-32281 CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and...
Cisco Patch-Palooza Tackles 29 High-Severity Bugs
Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant’s ubiquitous IOS operating system. The patches plug holes in a wide range of products and address denial-of-service, file overwrite and input validation attacks. The advisory was planned and part o...
SUSE-SU-2017:2618-1 Security update for dnsmasq
This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. bsc1060354 - CVE-2017-14492: heap based overflow. bsc1060355 - CVE-2017-14493: stack based overflow. bsc1060360 - CVE-2017-14494: DHCP - info leak. bsc1060361 - CVE-2017-14495: DNS - OOM DoS...
CVE-2012-1667
CVE-2012-1667 affects ISC BIND 9.x before patched releases (examples: 9.7.6-P1, 9.8.3-P1, 9.9.1-P1; and 9.4-ESV/9.6-ESV before listed P1s). The vulnerability arises from improper handling of resource records with a zero-length RDATA, enabling remote DNS servers to trigger a DoS (daemon crash or d...
GlowWorm FW DoS
Infinite recursion on DNS reply packets parsing...
Cisco equipment DNS DoS
Failure in compressed DNS packets parsing...