12 matches found
EUVD-2024-55104
An issue in Technitium through v13.2.2 enables attackers to conduct a DNS cache poisoning attack and inject fake responses by reviving the birthday attack...
CVE-2023-28457
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful...
DNS Cache Poisoning
github.com/coredns/coredns is vulnerable to DNS Cache Poisoning. The vulnerability is due to manipulation of the DNS caching mechanism through a birthday attack, which allows attackers to achieve DNS cache poisoning by injecting fake responses...
SUSE CVE-2023-30464
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack...
Authentication Bypass by Spoofing
Overview github.com/coredns/coredns/plugin/pkg/proxy is a package that implements a forwarding proxy. It caches an upstream net.Conn for some time, so if the same client returns the upstream's Conn will be precached. Affected versions of this package are vulnerable to Authentication Bypass by...
GHSA-H92Q-FGPP-QHRQ CoreDNS Cache Poisoning via a birthday attack
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack...
CoreDNS Cache Poisoning via a birthday attack
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack...
CVE-2023-28457
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful...
CVE-2023-28457
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache poisoning attack and inject fake responses within 1 second, which is impactful...
CVE-2023-30464
CVE-2023-30464 affects CoreDNS up to version 1.10.1, where the DNS cache can be poisoned and fake responses injected via a birthday attack. The root cause details are not fully disclosed in the provided documents, but multiple sources consistently describe a CoreDNS DNS cache poisoning vector via...
CVE-2023-30464
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack...
STARTTLS protocol injection via MITM
When curl connects to an IMAP, POP3, SMTP or FTP server to exchange data securely using STARTTLS to upgrade the connection to TLS level, the server can still respond and send back multiple responses before the TLS upgrade. Such multiple pipelined responses are cached by curl. curl would then...