11 matches found
Improper Authentication in pip
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
PYSEC-2019-160
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2013-5123
The mirroring support -M, --use-mirrors in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks...
CVE-2019-10191
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol...
CVE-2019-10191
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol...
CVE-2019-10191
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol...
Man-in-the-Middle (MitM)
kafka-clients is vulnerable to man-in-the-middle MitM attacks. The vulnerability exists because it uses InetAddress.getHostName to perform hostname verification by using the hostname obtained through a reverse DNS lookup. Therefore, the authentication relies on the secure DNS. The attack is only...
openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)
php5 was updated to prevent insecure DNS TXT record parsing. This security issue was fixed : - Heap-based buffer overflow in DNS TXT record parsing CVE-2014-4049 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...