14 matches found
EUVD-2000-0404
Malware in sbrugna...
EUVD-2017-1540
Malware in sbrugna...
CVE-2020-25926
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...
Information disclosure
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...
CVE-2022-25726
CVE-2022-25726 concerns information disclosure in Qualcomm modem data due to an array out-of-bounds access while handling the incoming DNS response packet. Affected component is Qualcomm chipsets/controllers with modem functionality; root cause described as improper bounds/length handling during ...
CVE-2022-25726 Buffer Over-read in MODEM
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...
CVE-2020-25926
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...
CVE-2020-25928
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: DNS response processing functions: dnsupcall, getoffset, dncsetanswer. The attack vector is: a specific DNS response packet. The code does not che...
CVE-2020-25928
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code remote. The component is: DNS response processing functions: dnsupcall, getoffset, dncsetanswer. The attack vector is: a specific DNS response packet. The code does not che...
CVE-2020-25926
Summary of CVE-2020-25926 (INFRA:HALT) in HCC Embedded/NicheStack: The DNS client in InterNiche NicheStack TCP/IP (pre-4.3) suffers from insufficient entropy in DNS transaction IDs, enabling remote DNS cache poisoning via specially crafted responses. The related ICS/National advisories enumerate ...
EulerOS Virtualization 3.0.2.2 : c-ares (EulerOS-SA-2020-1480)
According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Heap-based buffer overflow in the arescreatequery function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial o...
Information Disclosure
rh-nodejs6-nodejs is vulnerable to information disclosure attacks. The vulnerability exists as the c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted i...
CVE-2017-1000381
The CVE affects the c-ares library, specifically the ares_parse_naptr_reply() function used to parse NAPTR responses. In c-ares versions prior to 1.13.0 (upstream fix in 1.13.0), a crafted DNS response can trigger an out-of-bounds read, causing memory access outside the input buffer. This can lea...
CVE-2000-0405
The CVE-2000-0405 entry affects L0pht AntiSniff and describes a buffer overflow in the way it handles DNS responses. A malformed DNS response packet could allow remote attackers to execute arbitrary commands on the affected system. The root cause is the overflow in the DNS-response processing pat...