Linux Distros Unpatched Vulnerability : CVE-2023-50868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of service CPU...

OESA-2024-2015 bind security update

Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: The...

EulerOS Virtualization 2.10.1 : dnsmasq (EulerOS-SA-2024-1999)

According to the versions of the dnsmasq package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to caus...

EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2024-1954)

According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2024-1974)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...

EulerOS 2.0 SP11 : unbound (EulerOS-SA-2024-1794)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound...

EulerOS Virtualization 2.11.1 : unbound (EulerOS-SA-2024-1721)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modif...

Debian dla-3816 : bind9 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3816 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3816-1 [email protected]...

EulerOS 2.0 SP10 : unbound (EulerOS-SA-2024-1580)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service...

Important: bind

Issue Overview: Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...

Amazon Linux 2 : bind (ALAS-2024-2530)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2530 advisory. Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of...

OESA-2024-1489 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC...

Amazon Linux 2 : dnsmasq (ALASDNSMASQ-2024-002)

The version of dnsmasq installed on the remote host is prior to 2.90-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DNSMASQ-2024-002 advisory. Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of...

Important: dnsmasq

Issue Overview: Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Bind vulnerabilities (USN-6723-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6723-1 advisory. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1500)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : dnsmasq (RLSA-2024:1335)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1335 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

RHEL 9 : dnsmasq (RHSA-2024:1522)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1522 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...

AlmaLinux 8 : dnsmasq (ALSA-2024:1335)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1335 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

AlmaLinux 9 : dnsmasq (ALSA-2024:1334)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1334 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...