SUSE CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

SUSE CVE-2019-11638

An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function recfieldnameequalp at rec-field-name.c in librec.a, leading to a crash...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-2725)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2021-1271 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value involving strdupa and alloca for a pathname controlled by a local attacker that results i...

Ubuntu 16.04 ESM : systemd vulnerabilities (USN-5013-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5013-2 advisory. USN-5013-1 fixed several vulnerabilities in systemd. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the...

systemd 安全漏洞

systemd is a Linux-based system and service manager from the individual developer Lennart Poettering in Germany. The product is compatible with SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A security vulnerability exists in systemd...

Denial Of Service (DoS)

libbind9.so is vulnerable to denial of service. The deny-answer-aliases feature which is used to protect end users against DNS rebinding attacks is affected by an assertion failure in name.c, which would allow a remote attacker to crash the process...

CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

Denial Of Service (DoS)

bind is vulnerable to denial of service DoS attacks. The vulnerability exists as "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client...

UBUNTU-CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

SUSE-SU-2017:1027-1 Security update for bind

This update for bind fixes the following issues: - A regression in the fix for CVE-2017-3137 caused an assert in name.c bsc1034162...

ISC BIND 9 NSEC3-Signed Zone Handling DoS

According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability. This issue exists due to the handling of queries for NSEC3-signed zones related to the memcpy function in the 'name.c' file on authoritative nameservers. Note that Ness...