93 matches found
KLA11759 Multiple vulnerabilities in VLC media player
Multiple vulnerabilities were found in VLC media player. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to parsing compressed labels in mDNS messages can be exploited to...
UBUNTU-CVE-2020-6816
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...
PYSEC-2020-28
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...
CVE-2020-6080
An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustion. An attacker...
Integer overflow
An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...
Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send ...
PT-2019-6122 · Nlnet +8 · Unbound +8
Name of the Vulnerable Software and Affected Versions: Unbound versions prior to 1.9.5 Description: The issue is related to an out-of-bounds write via a compressed name in the rdata copy function. Although the vendor disputes that this is a vulnerability, the code may be vulnerable. However, a...
DNS Traffic Capture: DNSCAP
dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap3 and other format. This utility is similar to tcpdump1, but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections. Some o...
ISC BIND DNS RDATA Handling Remote DoS Vulnerability (Jan 2016)
ISC BIND is prone to a remote denial of service DoS vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
openSUSE Security Update : bind (openSUSE-SU-2012:0722-1)
A remote denial of service in the bind nameserver via zero length rdata fields was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-316. The text description of this plugin...
Перенос таблицы импорта
Всем привет! В этой статье я расскажу о работе с исполняемыми файлами PE-формата, а именно о работе с таблицей импорта. Возникла необходимость перенести таблицу импорта. Перенести в другую секцию, либо в пределах одной секции. В данном случае перенос таблицы импорта осуществляется в пределах одно...
update for bind (important)
A specially crafted query with malicious rdata could have caused a crash DoS in named...
ISC BIND RDATA Handling Assertion Failure Denial of Service (CVE-2012-4244; CVE-2013-4854)
A denial of service vulnerability exists in ISC BIND. The vulnerability is due to an assertion failure that occurs when handling malformed RDATA. A remote attacker could exploit this vulnerability by sending a DNS query response with a specially crafted resource record to an affected server...
ISC BIND rdata Denial Of Service Vulnerability
This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of an rdata section with a length that is less than four. The issue...
ISC BIND 9 DNS RDATA Handling Remote DoS
Binary data 6964.prm...
bind: named crash with an assertion failure on parsing malformed rdata
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query with...
ISC BIND 9 DNS RDATA处理远程拒绝服务漏洞
Bugtraq ID:61479 CVE ID:CVE-2013-4854 ISC BIND是一款DNS协议的实现 ISC BIND在解析DNS查询中的RDATA数据时存在错误,允许远程攻击者利用漏洞提交包含畸形RDATA数据的特殊查询可触发REQUIRE断言,使服务程序崩溃。此漏洞已经在网络上积极利用,权威和递归服务器都受此漏洞影响 0 ISC BIND 9.8.0 - 9.8.5-P1 ISC BIND 9.9.0 - 9.9.3-P1 厂商解决方案 ISC BIND 9.8.5-P2,9.9.3-P2和9.9.3-S1-P1已经修复此漏洞,建议用户下载更新:...
Updated bind package fixes security vulnerability
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service daemon crash via a query with a malformed RDATA section...
USN-1910-1: Bind vulnerability
Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service...
ISC BIND 9 RDATA Section Handling DoS
According to its self-reported version number, the remote installation of BIND can be forced to crash via specially crafted queries containing malformed 'rdata' contents. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actual...