19 matches found
Advisory ROSA-SA-2026-3203
Software: unbound 1.16.2 OS: ROSA Virtualization 2.1 unaffected versions = unbound-1.16.2-5.9.rv3 affected versions unbound-1.16.2-5.9.rv3 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliable...
Advisory ROSA-SA-2026-3165
Software: unbound 1.16.2 OS: ROSA Virtualization 3.1 unaffected versions = unbound-1.16.2-5.9.rv31 affected versions unbound-1.16.2-5.9.rv31 CVE-ID: CVE-2025-5994 BDU-ID: 2025-12600 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Unbound DNS server is related to the loading of external unreliabl...
CVE-2025-36852 Build Cache Poisoning via Untrusted Pull Requests
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache such as those using Amazon S3, Google Cloud Storage, or similar object storage that allows any contributor with pull request privileges to inject compromised artifacts...
The vulnerability of the Dnsmasq DNS server lies in its improperly implemented security checks for standard elements, allowing attackers to execute a DNS cache poisoning attack.
The vulnerability of the Dnsmasq DNS server is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to execute a DNS cache poisoning attack remotely...
CVE-2020-25926
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning remote. The component is: dnsquerytype. The attack vector is: a specific DNS response packet...
Vulnerabilities fixed in Squid
Squid's developers have fixed three vulnerabilities. Of one vulnerability no CVE-id is known. The vulnerabilities allow a remote malicious party the ability to use cache poisoning to potentially gain access to sensitive data, or to cause a Denial-of-Service. The developers have released updates t...
djbdns 1.05 Long Response Packet Remote Cache Poisoning Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33937/info The 'djbdns' package is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or...
ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
ISC BIND 9 is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. Versions prior to the following are vulnerable: BIND 9.4.3-P5 BIND 9.5.2-P2 BI...
ISC BIND DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
ISC BIND is prone to a remote cache-poisoning vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind";...
PowerDNS Recursor Multiple Vulnerabilities (Jan 2010)
PowerDNS Recursor is prone to a remote cache-poisoning vulnerability and to a Buffer Overflow Vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
ISC BIND 9 DNSSEC查询响应远程缓存中毒漏洞
BUGTRAQ ID: 37118 CVECAN ID: CVE-2009-4022 BIND是一个应用非常广泛的DNS协议的实现,由ISC负责维护,具体的开发由Nominum公司完成。 启用了DNSSEC验证的名称服务器在解析递归客户端查询期间可能错误的从所接收到响应的附加部分向其缓存添加记录,这是一种缓存中毒的情况。...
ISC BIND 9 DNSSEC Query Response Remote Cache Poisoning
Binary data 5243.prm...
djbdns超长响应报文远程缓存中毒漏洞
BUGTRAQ ID: 33937 djbdns是一个由Qmail的作者所设计的轻量级DNS server。 djbdns的response.c文件负责处理名称压缩。该文件12行对nameptr数组有each 16384的标注,但responseaddname没有强制这个限制。如果用户向报文中编码的名称中第一个后缀大于或等于16384字节的话,responseaddname就会错误的编码到名称的偏移,生成畸形的响应报文。这种响应报文会给查询用户误导性信息,有助于攻击者执行中间人等网络欺骗攻击。 D. J. Bernstein djbdns 1.05 厂商补丁: D. J. Bernste...
djbdns 1.05 - Long Response Packet Remote Cache Poisoning
djbdns 1.05 - Long Response Packet Remote Cache Poisoning source: https://www.securityfocus.com/bid/33937/info The 'djbdns' package is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle,...
ISC BIND 8 - Remote Cache Poisoning (2)
ISC BIND 8 - Remote Cache Poisoning 2 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...
ISC BIND 8 - Remote Cache Poisoning (1)
ISC BIND 8 - Remote Cache Poisoning 1 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...
ISC BIND 8 - Remote Cache Poisoning (2)
source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or...
ISC BIND 8 - Remote Cache Poisoning (1)
source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or...
DEBIAN-CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...