Linux Distros Unpatched Vulnerability : CVE-2023-20917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. This could lead to local escalatio...

K11742512: BIND vulnerability CVE-2022-2795

Security Advisory Description By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 Impact A flaw in resolver code can cause name...

AIX 7.2 TL 5 : bind (IJ44426) (deprecated)

https://vulners.com/cve/CVE-2022-38178 https://vulners.com/cve/CVE-2022-38178 ISC BIND is vulnerable to a denial of service, caused by a memory leak in the DNSSEC verification code for the EdDSA algorithm. By spoofing the target resolver with responses that have a malformed EdDSA signature, a...

AIX 7.1 TL 5 : bind (IJ44422)

https://vulners.com/cve/CVE-2022-38178 ISC BIND is vulnerable to a denial of service, caused by a memory leak in the DNSSEC verification code for the EdDSA algorithm. By spoofing the target resolver with responses that have a malformed EdDSA signature, a remote attacker could exploit this...

Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service due to memory leaks and a flaw in resolver code (CVE-2022-2795, CVE-2022-38177, CVE-2022-38178)

Summary ISC BIND on IBM i is vulnerable to a denial of service attack due to memory leaks in the DNSSEC verification code and a flaw in resolver code to degrade performance as described in the vulnerability details section. IBM i has addressed the vulnerabilities in ISC BIND with a fix as describ...

ISC BIND DoS Vulnerability (CVE-2022-2795) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

ISC BIND DoS Vulnerability (CVE-2022-2795) - Windows

ISC BIND is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

ISC BIND 资源管理错误漏洞

ISC BIND is the United States ISC company's set of open source software that implements the DNS protocol. ISC BIND suffers from a denial-of-service vulnerability that stems from a flaw in the resolver code that could cause naming to take an inordinate amount of time to process large delegates,...

glibc -- getaddrinfo stack-based buffer overflow

Fabio Olive Leite reports: A stack-based buffer overflow was found in libresolv when invoked from nssdns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions senddg send datagram and sendvc send TCP for the NSS module...

Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

No description provided by source. !-- Mozilla Firefox 'location.hostname' Cross-Domain Vulnerability Software : Mozilla Firefox version 2.0.0.1 and prior CVE reference : CVE-2007-0981 Impact : Security Bypass Risk : Moderate Discovered by : Michal Zalewski http://lcamtuf.coredump.cx/ Advisory Da...

: seamonkey cookie setting / same-domain bypass vulnerability

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...

Mozilla Firefox 2.0.0.1 - &#039;location.hostname&#039; Cross-Domain

Options - Privacy - Show Cookies for login.live.com Gorn, gorn.supportgmailcom 2007-02-19 16:00 -- var mydomain = '127.0.0.1'; var varcook = 'MSPPre=firefoxvulnerabilitytest'; var domcook = 'login.live.com'; if location.hostname == mydomain...

CVE-2007-0981

CVE-2007-0981 affects Mozilla-based browsers (Firefox up to 1.5.0.10 and 2.x up to 2.0.0.2; SeaMonkey up to 1.0.8). The root cause is a handling flaw when location.hostname is modified via a URI containing a null byte, interacting with DNS resolver code, which can bypass the same-origin policy an...

Remote buffer overflow in resolver code of libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------------- Pine Internet Security Advisory ----------------------------------------------------------------------------- Advisory ID : PINE-CERT-20020601 Authors : Joost Pol...