Security Bulletin: IBM Maximo Application Suite - IOT Component uses dnspython-1.16.0-py2.py3-none-any.whl which is vulnerable to CVE-2023-29483

Summary IBM Maximo Application Suite - IOT Component uses dnspython-1.16.0-py2.py3-none-any.whl which is vulnerable to CVE-2023-29483. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-29483 DESCRIPTION: Dnspython is vulnerable to...

CVE-2023-29483

The dnspython stub resolver is vulnerable to a denial of service DoS risk if an attacker sends a malicious response forged with the correct address and port before a legitimate one arrives on the UDP port used by dnspython for the query. In such cases, dnspython could either switch to another...

SUSE CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

a2grunnerp (>=0.1.0 <=0.1.8), accesser (>=0.8.0 <=0.8.5) +395 more potentially affected by CVE-2023-29483 via dnspython (>=1.14.0 <=2.5.0)

dnspython PYPI version =1.14.0, =0.1.0, =0.8.0, =0.4.0, =2.1.3, =0.0.1, =0.5.5, =0.61.9, =1.1.0, =0.4.5, =0.8.2, =2020.5.20rc1, =1.5.0, =3.2.2 and more Source cves: CVE-2023-29483 Source advisory: OSV:GHSA-3RQ5-2G8H-59HC...

GHSA-3RQ5-2G8H-59HC vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-dnspython...

GHSA-3RQ5-2G8H-59HC Potential DoS via the Tudoor mechanism in eventlet and dnspython

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

Potential DoS via the Tudoor mechanism in eventlet and dnspython

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

CVE-2023-29483 vulnerabilities

Vulnerabilities for packages: py3-dnspython, kubeflow-pipelines-visualization-server...

DEBIAN-CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

CVE-2023-29483 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, py3-dnspython...

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

CVE-2023-29483

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...

Dnspython < 2.6.0rc1 DoS

The version of dnspython installed on the remote host is prior to 2.6.0rc1. It is, therefore, affected by a denial of service DoS vulnerability. The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives...

Security Bulletin: Vulnerability in Dnspython affects IBM Process Mining CVE-2023-29483

Summary There is a vulnerability in Dnspython that could allow an remote attacker to cause a denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2023-29483...

Adidnsdump - Active Directory Integrated DNS Dumping By Any Authenticated User

By default any user in Active Directory can enumerate all DNS records in the Domain or Forest DNS zones, similar to a zone transfer. This tool enables enumeration and exporting of all DNS records in the zone for recon purposes of internal networks. For more info, read the associated blog post...

Knock v.4.1.1 - Subdomain Scan

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Now knockpy supports queries to VirusTotal subdomains, you can setting the...

DNSDiag - DNS Diagnostics And Performance Measurement Tools

Ever been wondering if your ISP is hijacking your DNS traffic? Ever observed any misbehavior with your DNS responses? Ever been redirected to wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to mak...

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter

A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. Web Pentest / Information Gathering: Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...