32 matches found
EUVD-2021-0929
Malware in sbrugna...
EUVD-2021-1368
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-17419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in setTA in scanrr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone parsing error causes a segmentation violation...
Linux Distros Unpatched Vulnerability : CVE-2019-19794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The...
SUSE CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
go-resolver 数据伪造问题漏洞
go-resolver is a Golang DNSSEC validation parser library implemented on top of miekg/dns by the peterzen personal developer. A security vulnerability exists in go-resolver, which stems from DNSSEC authentication not being performed correctly...
Denial of Service in miekg-dns
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
GHSA-P55X-7X9V-Q8M4 Denial of Service in miekg-dns
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
miekg/dns insecurely generates random numbers
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
GHSA-44R7-7P62-Q3FR miekg/dns insecurely generates random numbers
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
miekg/dns parsing error leads to nil pointer dereference and DoS
An issue was discovered in setTA in scanrr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone parsing error causes a segmentation violation, leading to denial of service...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
Insecure Random Generator
github.com/miekg/dns uses an insecure random generation for transaction IDs. The default Id function uses an insecure math/rand function, resulting in predictable output and allowing an attacker to exploit the vulnerability to forge responses without being on path...
Unspecified vulnerability in miekg Go DNS package
miekg Go DNS package is a DNS server software package. A security vulnerability exists in miekg Go DNS package versions prior to 1.1.25 used in CoreDNS versions prior to 1.6.6 and other products, which stems from the program not properly generating random numbers. An attacker can exploit the...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
DEBIAN-CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
UBUNTU-CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
Design/Logic Flaw
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
CVE-2019-19794
The CVE-2019-19794 issue affects the miekg/dns Go DNS package prior to 1.1.25 (used by CoreDNS before 1.6.6 and other products). The root cause is use of math/rand for TXID generation, making TXIDs predictable and enabling response forgery. Remediation: update to miekg/dns v1.1.25 or later (and C...