18 matches found
EUVD-2021-1368
Malware in sbrugna...
go-resolver 数据伪造问题漏洞
go-resolver is a Golang DNSSEC validation parser library implemented on top of miekg/dns by the peterzen personal developer. A security vulnerability exists in go-resolver, which stems from DNSSEC authentication not being performed correctly...
Denial of Service in miekg-dns
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
GHSA-P55X-7X9V-Q8M4 Denial of Service in miekg-dns
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
Insecure Random Generator
github.com/miekg/dns uses an insecure random generation for transaction IDs. The default Id function uses an insecure math/rand function, resulting in predictable output and allowing an attacker to exploit the vulnerability to forge responses without being on path...
UBUNTU-CVE-2019-19794
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries...
Denial Of Service (DoS)
github.com/miekg/dns is vulnerable to Denial Of Service DoS. A null pointer dereference in the setTA function in scanrr.go causes a denial of service condition when dns.ParseZone parsing error occurs, allowing an attacker to deny service to users...
UBUNTU-CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
DEBIAN-CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
Design/Logic Flaw
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
CVE-2017-15133 affects the miekg/dns library and its use prior to version 1.0.4. A remote attacker can send carefully timed TCP packets to a DNS server, causing it to block or delay accepting new connections, leading to a denial of service and degraded availability. The risk is described as a net...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
CVE-2017-15133
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections...
Denial Of Service (DoS)
github.com/miekg/dns is vulnerable to denial of service DoS attacks. The msg.unpack method uses the lengths from headers without any validation. That allows attackers to use headers to overwhelm the application and cause DoS conditions...