EUVD-2022-7693

Malicious code in bioql PyPI...

Cross-Site Request Forgery (CSRF)

nsupdate is vulnerable to cross-site request forgery. The vulnerability exists in CSRFCOOKIEHTTPONLY cookie in base.py due to lack of proper security HTTP headers which allows an attacker to gain access to sensitive information in the system...

bind security update

32:9.8.2-0.68.rc1.0.3.8 - Backport fix for CVE-2018-5741 Orabug: 33496185 32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215 32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749 32:9.8.2-0.68.rc1.8 - Fix...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Free Personal Self Hosted Dynamic DNS

Free Personal Self Hosted Dynamic DNS with BIND and DNSSEC Environment: Server: static IP, running BIND Home: dynamic IP, running Debian/buntu Key Generation First step is to generate a key on the server. /etc/bind $ sudo dnssec-keygen -a HMAC-MD5 -b 512 -n HOST home.dynamic.n0where.net This...

OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0100)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix DNSKEY that encountered a CNAME 1447869, ISC change 3391 - Fix CVE-2017-3136 ISC change 4575 - Fix CVE-2017-3137 ISC change 4578 - Fix and test caching CNAME before DNAME ISC change 4558 - Fix...

OracleVM 3.3 : bind (OVMSA-2014-0084)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2014-8500 1171973 - Use /dev/urandom when generating rndc.key file 951255 - Remove bogus file from /usr/share/doc, introduced by fix for bug 1092035 - Add support for TLSA resource records...

ISC DHCPD 2.0/3.0.1 NSUPDATE Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A remote format string...

Scientific Linux Security Update : bind security for SL 4.x on i386/x86_64

CVE-2009-0696 bind: DoS assertion failure via nsupdate packets A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an...

BIND: Denial of service

Background ISC BIND is the Internet Systems Consortium implementation of the Domain Name System DNS protocol. Description Matthias Urlichs reported that the dnsdbfindrdataset function fails when the prerequisite section of the dynamic update message contains a record of type "ANY" and where at...

bind: DoS (assertion failure) via nsupdate packets

The dnsdbfindrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service assertion failure and daemon exit via an ANY record in the prerequisite section o...

CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Library

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Library Original release date: January 15, 2003 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems running ISC DHCPD versions...

ISC DHCPD minires library contains multiple buffer overflows

Overview The Internet Software Consortium ISC has discovered several buffer overflow vulnerabilities in their implementation of DHCP ISC DHCPD. These vulnerabilities may allow remote attackers to execute arbitrary code on affected systems. At this time, we are not aware of any exploits. Descripti...

CVE-2002-0702

Format string vulnerabilities in the logging routines for dynamic DNS code print.c of ISC DHCP daemon DHCPD 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response...

Format string bug in ISC dhcpd

Format string on syslog call in NSUPDATE functionality...

ISC DHCPD 2.03.0.1 - NSUPDATE Remote Format String

ISC DHCPD 2.03.0.1 - NSUPDATE Remote Format String // source: https://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A...

ISC DHCPD 2.0/3.0.1 - NSUPDATE Remote Format String

// source: https://www.securityfocus.com/bid/4701/info The ISC DHCPD Dynamic Host Configuration Protocol is a collection of software implementing the DHCP protocol. It is available for a range of operating systems, including BSD and Solaris. A remote format string vulnerability has been reported ...