74 matches found
PT-2024-27084 · Unknown · Dnscrypt-Proxy
Name of the Vulnerable Software and Affected Versions: DNSCrypt-proxy versions 2.0.0alpha9 through 2.1.5 Description: The issue is related to insecure permissions in DNSCrypt-proxy, allowing non-privileged attackers to escalate privileges to root. This can be achieved by overwriting the binary...
CVE-2024-36587
CVE-2024-36587 : DNSCrypt-proxy (v2.0.0alpha9–v2.1.5) contains insecure permissions that allow a non-privileged attacker to escalate to root by overwriting the dnscrypt-proxy binary. Multiple sources confirm local privilege escalation due to trust of the binary and improper permission handling. A...
CVE-2024-36587
Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to escalate privileges to root via overwriting the binary dnscrypt-proxy...
SUSE: Security Advisory (SUSE-SU-2023:2777-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:2777-1 Security update for dnsdist
This update for dnsdist fixes the following issues: - Implements package 'dnsdist' with version 1.8.0 in SLE15. jscPED-3402 - Downstream DNS resolver configuration should be chosen by the admin - Security fix: fixes a possible record smugging with a crafted DNS query with trailing data...
Debian: Security Advisory (DLA-3455-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3455-1] golang-go.crypto security update
Debian LTS Advisory DLA-3455-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 16, 2023 https://wiki.debian.org/LTS Package : golang-go.crypto Version : 1:0.0git20181203.505ab14-1+deb10u1 CVE ID : CVE-2019-11840 CVE-2019-11841 CVE-2020-9283 Debian Bug : 95246...
SUSE CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
Fedora: Security Advisory for dnscrypt-proxy (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: dnscrypt-proxy-2.1.1-5.fc36
A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP/2. Features: - DNS traffic encryption and authentication. Supports DNS-over-HTTPS DoH and DNSCrypt. - DNSSEC compatible - DNS query monitoring, with separate log files for regular and...
Fedora: Security Advisory for dnscrypt-proxy (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for dnscrypt-proxy (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Unbound integer overflow vulnerability (CNVD-2021-32626)
Unbound is a DNS resolver that supports validation, recursion, and caching features. An integer overflow vulnerability exists in the size calculation in dnscrypt/dnscrypt.c in versions of Unbound prior to 1.9.5. No detailed vulnerability details are provided at this time...
DEBIAN-CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
Integer overflow
DISPUTED Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
UBUNTU-CVE-2019-25038
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...
CVE-2019-25038
Unbound prior to 1.9.5 contains an integer overflow in a size calculation in dnscrypt/dnscrypt.c (CVE-2019-25038). The issue is described across multiple sources as potentially vulnerable code, but vendor disputes that it is exploitable in running installations. Affected versions are those before...