168 matches found
Excessive NSEC3 iterations cause high CPU load during insecure delegation validation
...
[slackware-security] bind
New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.47-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix unbounded NSEC3 iterations when validating referrals...
Fedora 45 : bind / bind-dyndb-ldap (2026-8db2f80244)
The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8db2f80244 advisory. Update to 9.18.47 rhbz2440561 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 Source:...
Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack
Warlock continues to enhance its attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC Yuze, and a persistent BYOVD technique leveraging the NSec driver...
Fedora 42 : bind / bind-dyndb-ldap (2026-34c921d252)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-34c921d252 advisory. Update to 9.18.44 rhbz2431609 Security Fixes: - Fix incorrect length checks for BRID and HHIT records. CVE-2025-13878 Bug Fixes: - Allow glue in delegations...
VulnCheck KEV: CVE-2025-68947
NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...
Fedora 44 : bind / bind-dyndb-ldap (2026-925e7cce85)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-925e7cce85 advisory. Update to 9.18.44 rhbz2431609 Security Fixes: - Fix incorrect length checks for BRID and HHIT records. CVE-2025-13878 Bug Fixes: - Allow glue in delegations...
MiracleLinux 8 : dnsmasq-2.79-31.el8_9.2 (AXSA:2024-7620:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7620:02 advisory. dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can...
MiracleLinux 8 : bind9.16-9.16.23-0.16.el8_9.2.ML.1 (AXSA:2024-7685:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7685:01 advisory. bind9: Parsing large DNS messages may cause excessive CPU load CVE-2023-4408 bind9: Querying RFC 1918 reverse zones may cause an assertion failure...
CVE-2025-68947 NSecsoft NSecKrnl process termination privilege escalation
NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver...
EUVD-2017-7327
Malware in sbrugna...
EUVD-2017-6570
Malware in sbrugna...
EUVD-2023-34280
Malicious code in bioql PyPI...
CVE-2023-0853
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF74...
DNSSEC NSEC. The accidental treasure map to your subdomains
TL;DR: DNSSEC secures DNS but may unintentionally expose domain structures via NSEC/NSEC3 records, enabling zone walking to enumerate subdomains. NSEC openly lists domain names, making enumeration easy. NSEC3 hashes names, making enumeration harder, but attackers can still crack weak...
Linux Distros Unpatched Vulnerability : CVE-2017-15105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prov...
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources
A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...
DNSJava DNSSEC Bypass
Summary Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources
A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...
bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources
A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...