Lucene search
+L

55 matches found

nessus
nessus
added 2024/02/26 12:0 a.m.65 views

RHEL 9 : unbound (RHSA-2024:0977)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0977 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU...

7.5CVSS7.2AI score0.99995EPSS
Exploits1References6
nessus
nessus
added 2024/02/25 12:0 a.m.46 views

CentOS 8 : unbound (CESA-2024:0965)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0965 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

7.5CVSS6.9AI score0.99995EPSS
Exploits1References3
nessus
nessus
added 2024/02/22 12:0 a.m.35 views

Fedora 38 : pdns-recursor (2024-4e36df9dfd)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4e36df9dfd advisory. Update to latest upstream. Fixes CVE-2023-50387 and CVE-2023-50868 Tenable has extracted the preceding description block directly from the Fedora...

7.5CVSS7.1AI score0.99995EPSS
Exploits1References3
nessus
nessus
added 2024/02/21 12:0 a.m.33 views

Debian dla-3736 : libunbound-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3736 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3736-1 [email protected]...

7.5CVSS7.1AI score0.99995EPSS
Exploits1References6
nessus
nessus
added 2024/02/19 12:0 a.m.32 views

Fedora 39 : dnsmasq (2024-e24211eff0)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e24211eff0 advisory. https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html Tenable has extracted the preceding description block directly from the...

7.5CVSS7AI score0.99995EPSS
Exploits1References3
veracode
veracode
added 2024/02/18 6:35 a.m.67 views

Denial Of Service

dnsmasq is vulnerable to Denial of Service. The vulnerability due to KeyTrap issue when dealing with a zone that contains numerous DNSKEY DNS Key and RRSIG Resource Record Signature records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG...

7.5CVSS6.6AI score0.99995EPSS
Exploits0References31Affected Software7
nessus
nessus
added 2024/02/18 12:0 a.m.30 views

Fedora 39 : unbound (2024-2e26eccfcb)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2e26eccfcb advisory. - https://nlnetlabs.nl/projects/unbound/security-advisories/ - Secure again control channel. Tenable has extracted the preceding description block...

7.5CVSS7AI score0.99995EPSS
Exploits1References3
osv
osv
added 2024/02/14 4:15 p.m.1 views

DEBIAN-CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS7AI score0.99995EPSS
Exploits0References1
osv
osv
added 2024/02/14 4:15 p.m.4 views

AZL-34559 CVE-2023-50387 affecting package bind for versions less than 9.20.0-1

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS6.7AI score0.99995EPSS
Exploits0References1
susecve
susecve
added 2024/02/14 3:57 a.m.6 views

SUSE CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS6.5AI score0.99995EPSS
Exploits0References19
debiancve
debiancve
added 2024/02/14 12:0 a.m.109 views

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.5CVSS7AI score0.99995EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/02/14 12:0 a.m.16 views

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.8AI score0.99995EPSS
Exploits0References30
cvelist
cvelist
added 2024/02/14 12:0 a.m.92 views

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...

7.8AI score0.99995EPSS
Exploits0References30
nessus
nessus
added 2024/02/14 12:0 a.m.63 views

Debian dsa-5621 : bind9 - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5621 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic,...

7.5CVSS6.9AI score0.99995EPSS
Exploits1References15
nessus
nessus
added 2024/02/14 12:0 a.m.46 views

Debian dsa-5620 : libunbound-dev - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5620 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5620...

7.5CVSS7.1AI score0.99995EPSS
Exploits1References7
Rows per page
Query Builder