Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/19 12:0 a.m.37 views

Amazon Linux 2 : unbound (ALAS-2024-2468)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2468 advisory. NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. Th...

6.5CVSS6.9AI score0.00868EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.33 views

Rocky Linux 9 : unbound (RLSA-2022:8062)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8062 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...

6.5CVSS6.9AI score0.00868EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.30 views

Rocky Linux 8 : unbound (RLSA-2022:7622)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7622 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...

6.5CVSS6.9AI score0.00868EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.57 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2023-078)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-078 advisory. NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by targeting an Unbound instance. Unbound is queri...

7.5CVSS6.9AI score0.01293EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.42 views

Amazon Linux 2022 : python3-unbound, unbound, unbound-anchor (ALAS2022-2023-265)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-265 advisory. NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by targeting an Unbound instance. Unbound is queri...

7.5CVSS6.9AI score0.01293EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.34 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2023-1236)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.01293EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.38 views

AlmaLinux 9 : unbound (ALSA-2022:8062)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8062 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...

6.5CVSS6.9AI score0.00868EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.27 views

Oracle Linux 8 : unbound (ELSA-2022-7622)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7622 advisory. 1.16.2-2 - Require openssl tool for unbound-keygen 2018806 1.16.2-1 - Update to 1.16.2 2027735 1.16.0-2 - Restart keygen service before every unbound...

6.5CVSS7AI score0.00868EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.74 views

AlmaLinux 8 : unbound (ALSA-2022:7622)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7622 advisory. - NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the ghost domain names attack. The vulnerability works by...

6.5CVSS6.9AI score0.00868EPSS
Exploits0References3
OSV
OSV
added 2022/08/01 3:15 p.m.42 views

CVE-2022-30698

NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the...

6.5CVSS2AI score0.00868EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/08/01 3:15 p.m.38 views

CVE-2022-30698

NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the...

6.5CVSS6.7AI score0.00868EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/08/01 3:15 p.m.49 views

CVE-2022-30699

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue...

6.5CVSS6.7AI score0.00868EPSS
Exploits0References3
Prion
Prion
added 2022/08/01 3:15 p.m.36 views

Design/Logic Flaw

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue...

4CVSS6.3AI score0.00868EPSS
Exploits0References5Affected Software2
Prion
Prion
added 2022/08/01 3:15 p.m.23 views

Design/Logic Flaw

NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the...

4CVSS6.3AI score0.00868EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2022/08/01 2:13 p.m.29 views

CVE-2022-30699 Novel "ghost domain names" attack by updating almost expired delegation information

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue...

6.7AI score0.00868EPSS
Exploits0References5
Prion
Prion
added 2012/03/28 10:55 a.m.13 views

Code injection

The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain name...

4.3CVSS7AI score0.02481EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2012/03/28 10:55 a.m.5 views

CVE-2012-1570

The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain name...

6.7AI score
Exploits0References11
Cvelist
Cvelist
added 2012/03/28 10:0 a.m.18 views

CVE-2012-1570

The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain name...

6.4AI score0.02481EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2012/02/17 10:55 p.m.32 views

CVE-2012-1193

The resolver in PowerDNS Recursor aka pdnsrecursor 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack...

6.4CVSS5.9AI score0.0594EPSS
Exploits1References2
OSV
OSV
added 2012/02/17 10:55 p.m.10 views

CVE-2012-1191

The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names"...

6.6AI score
Exploits0References1
Rows per page
Query Builder