Survey Says: So Long Grey Skies - Telecoms 2018 Outlook

Nominum, a part of Akamai, recently partnered with Telecoms.com to survey over 1,500 telecom professionals to get a sense of their concerns, initiatives and expectations for 2018. The findings are captured in the report Telecoms.com Annual Industry Survey 2017. Top concerns, outlined A top concer...

nominum.com XSS vulnerability

Open Bug Bounty ID: OBB-317067 Description| Value ---|--- Affected Website:| nominum.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Some Recursive DNS Implementations Patch DoS Vulnerability

UPDATE: Some domain name system DNS server implementations are at risk for denial-of-service attacks after a vulnerability was disclosed and patched in a few popular server packages, including BIND, OpenDNS, PowerDNS and NLnetLabs. According to an advisory from DHS and the CERT Coordination Cente...

Millions of Vulnerable Routers aiding Massive DNS Amplification DDoS Attacks

The Distributed Denial of Service DDoS attack is becoming more sophisticated and complex with the increase in the skills of attackers and so, has become one of favorite weapon for the cyber criminals to temporarily suspend or crash the services of a host connected to the Internet and till now...

Home Routers at Core of DNS-Based DDoS Amplification Attacks

DNS providers Nominum have published new data on DNS-based DDoS amplification attacks that are using home and small office routers as a jumping off point. The provider said that in February alone, more than five million home routers were used to generate attack traffic; that number represents mor...

ISC BIND安全限制绕过漏洞(CVE-2012-1033)

BUGTRAQ ID: 51898 CVE ID: CVE-2012-1033 BIND是一个应用非常广泛的DNS协议实现，由ISC负责维护，具体的开发由Nominum公司完成。 ISC BIND在缓存更新策略的实现上存在无法正确处理废弃域名的安全限制绕过漏洞，可导致从注册表中删除后还可以解析域名。 0 ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x 厂商补丁： ISC ---...

ISC BIND 9 RPZ配置远程拒绝服务漏洞

BUGTRAQ ID: 48565 CVE ID: CVE-2011-2465 BIND是一个应用非常广泛的DNS协议的实现，由ISC负责维护，具体的开发由Nominum公司完成。 ISC BIND在某些RPZ配置中存在拒绝服务漏洞，远程攻击者可利用此漏洞使受影响应用程序崩溃，造成拒绝服务。 在处理DNAME和CNAME记录时，RPZ功能中存在错误，可被利用终止named进程。如果服务器启用了递归并用包含某些类型记录的RPZ区域配置，则在查询时，BIND受影响版本中的错误可造成named进程退出。 ISC BIND 9.7.1-P2 ISC BIND 9.7.1-P1 ISC BIND...

ISC BIND 9 RRSIG Query类型远程拒绝服务漏洞

BUGTRAQ ID: 47734 CVE ID: CVE-2011-1907 BIND是一个应用非常广泛的DNS协议的实现，由ISC负责维护，具体的开发由Nominum公司完成。 ISC BIND在实现上存在远程拒绝服务漏洞，由于未能正确处理某些记录类型，攻击者可利用此漏洞造成应用程序进程崩溃，拒绝服务合法用户。 此问题仅影响将配置的RPZ功能用于RRset替换的BIND用户。BIND...

Nominum Vantio Detection (DNS)

DNS TCP and UDP based detection of Nominum Vantio. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ISC BIND 9 DNSSEC查询响应远程缓存中毒漏洞

BUGTRAQ ID: 37118 CVECAN ID: CVE-2009-4022 BIND是一个应用非常广泛的DNS协议的实现，由ISC负责维护，具体的开发由Nominum公司完成。 启用了DNSSEC验证的名称服务器在解析递归客户端查询期间可能错误的从所接收到响应的附加部分向其缓存添加记录，这是一种缓存中毒的情况。...