23 matches found
EUVD-2008-2353
Malware in sbrugna...
EUVD-2010-0531
Malware in sbrugna...
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
SUSE CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-2126)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible...
EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1958)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible...
EulerOS 2.0 SP9 : busybox (EulerOS-SA-2022-1988)
According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible...
Cross Site Scripting (XSS)
busybox is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to arbitrary code execution which allows an attacker to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal...
Updated busybox packages fix security vulnerability
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors. CVE-2022-28391...
CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
AZL-41790 CVE-2022-28391 affecting package busybox for versions less than 1.36.1-3
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
UBUNTU-CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
DNS Enumeration Script: DNSRecon
DNS reconnaissance is part of the information gathering stage on a penetration test engagement. When a penetration tester is performing a DNS reconnaissance he is trying to obtain as much information as he can regarding the DNS servers and their records. The information that can be gathered can...
Design/Logic Flaw
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2010-0500
The CVE-2010-0500 vulnerability affects Apple Mac OS X Event Monitor prior to 10.6.3. The issue arises from improper validation of SSH client hostnames, allowing a remote attacker to trigger a denial of service by crafting a DNS PTR record, with the attack tied to a plist injection handling path....
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2008-2357
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
Stack overflow
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
CVE-2008-2357
CVE-2008-2357 affects mtr prior to version 0.73, where a stack-based buffer overflow in split_redraw (split.c) can be triggered by a crafted DNS PTR record when using -p. Several OpenVAS/Nessus entries link this to multiple distributions (e.g., SUSE/OpenSUSE, Gentoo GLSA, Slackware SSA) and refer...