PT-2026-47609

Summary Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning Kaminsky attack. Details Two factors contribute to this vulnerability in...

EulerOS Virtualization 2.10.1 : avahi (EulerOS-SA-2026-1529)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them...

EulerOS 2.0 SP10 : avahi (EulerOS-SA-2026-1301)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after...

Security update for avahi

This update for avahi fixes the following issues: CVE-2024-52616: Fixed Avahi Wide-Area DNS Predictable Transaction IDs bsc1233420 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Microsoft Windows DNS Server Spoofing - Ver2 (CVE-2007-3898)

There exits a vulnerability in Microsoft Windows DNS Server. The flaw is caused by predictable transaction identifiers in DNS requests generated. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the target system...

Squid Proxy DNS Response Spoofing (CVE-2005-1519; CVE-2007-3898)

There exists a vulnerability in Squid Web Proxy Cache in the processing of DNS lookups. The flaw is caused by predictable transaction identifiers in DNS requests generated by Squid. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the targe...