13 matches found
PT-2025-52933
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains refcount leak bugs within the qcom smsm probe function. Specifically, two issues exist: a refcount leak of local node during iteration with for each child of...
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1736)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : bind9.16 (RLSA-2024:1781)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1781 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS...
Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-550)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-550 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may...
Fedora 38 : bind / bind-dyndb-ldap (2024-fae88b73eb)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-fae88b73eb advisory. Security Fixes - Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service...
Debian dsa-5621 : bind9 - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5621 advisory. - The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic,...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
Design/Logic Flaw
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
CVE-2023-5517
A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...
ISC BIND 9.12.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Assertion Failure (cve-2023-5517)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is...
Wireshark < 1.2.14 / 1.4.3 Multiple Vulnerabilities
The installed version of Wireshark is 1.2.x less than 1.2.14 or 1.4.x less than 1.4.3. Such versions are affected by the following vulnerabilities : - An error exists in the MAC-LTE dissector that allows a series of malformed packets to cause a buffer overflow. 5530 - An error exists in the ENTTE...