Lucene search
+L

49 matches found

veracode
veracode
added 2023/02/26 7:45 p.m.21 views

Denial Of Service (DoS)

knot-resolver is vulnerable to Denial Of Service DoS. The vulnerability exists because the single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response, allowing an attacker to crash the application...

7.5CVSS7.2AI score0.00708EPSS
Exploits0References2Affected Software1
susecve
susecve
added 2023/02/15 5:9 a.m.4 views

SUSE CVE-2016-0742

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service invalid pointer dereference and worker process crash via a crafted UDP DNS response...

7.5CVSS6.7AI score0.81958EPSS
Exploits0References4
osv
osv
added 2022/10/23 10:48 p.m.21 views

MGASA-2022-0388 Updated bind packages fix security vulnerability

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 By spoofing the target resolver with responses that have a malformed ECDSA...

7.5CVSS6.3AI score0.02299EPSS
Exploits0References7
cvelist
cvelist
added 2022/09/21 10:15 a.m.66 views

CVE-2022-3080 BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly

By sending specific queries to the resolver, an attacker can cause named to crash...

7.5CVSS7.7AI score0.01555EPSS
Exploits0References8
nessus
nessus
added 2022/05/05 12:0 a.m.22 views

F5 Networks BIG-IP : BIG-IP DNS resolver vulnerability (K85054496)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K85054496 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS...

5.9CVSS6.1AI score0.00762EPSS
Exploits0References2
redhat
redhat
added 2021/12/09 8:19 p.m.5 views

golang: net: lookup functions may return invalid host names

A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integri...

7.5CVSS7.2AI score0.03231EPSS
Exploits1References5
osv
osv
added 2021/07/19 6:15 p.m.8 views

CVE-2020-20249

Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service...

6.5CVSS6.7AI score0.01754EPSS
Exploits1References1
osv
osv
added 2021/07/10 5:41 p.m.14 views

OPENSUSE-SU-2021:1815-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...

7.7CVSS7.9AI score0.53461EPSS
Exploits10References3
osv
osv
added 2021/05/27 2:51 p.m.17 views

SUSE-SU-2021:1792-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...

7.7CVSS7.8AI score0.53461EPSS
Exploits10References3
cnnvd
cnnvd
added 2021/05/11 12:0 a.m.5 views

Mikrotik RouterOs 缓冲区错误漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. Mikrotik RouterOs has a memory corruption vulnerability in the /nova/bin/resolver process. A remote attacker could...

6.5CVSS5.9AI score0.01714EPSS
Exploits1References2
cnvd
cnvd
added 2020/06/17 12:0 a.m.2 views

Treck TCP/IP Input Validation Error Vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An input validation error vulnerability exists in the DNS resolver program component of Treck TCP/IP. An attacker could exploit this vulnerability to...

9.3CVSS7.9AI score0.21115EPSS
Exploits1References1
nvd
nvd
added 2020/01/22 2:15 a.m.21 views

CVE-2019-16791

In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy...

6.9CVSS6.7AI score0.00671EPSS
Exploits0References2
debiancve
debiancve
added 2019/12/16 12:0 a.m.67 views

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

7.5CVSS7.3AI score0.02166EPSS
Exploits1
euvd
euvd
added 2018/08/02 1:0 p.m.6 views

EUVD-2018-2974

Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache...

7.5CVSS6.8AI score0.03239EPSS
Exploits0References3
cnvd
cnvd
added 2017/09/08 12:0 a.m.6 views

GNU C Library DNS Spoofing Vulnerability

The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the DNS stub resolver in the GNU C Library. An attacker can exploit this vulnerability to perform a DNS spoofing attack...

5.9CVSS6.6AI score0.02403EPSS
Exploits0References1
cnvd
cnvd
added 2017/04/14 12:0 a.m.4 views

ISC BIND 9 DNS Recursive Resolver Denial of Service Vulnerability

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A denial of service vulnerability exists in the BIND 9 DNS recursive resolver, where a server performing a recursive operation that receives a response...

7.5CVSS6.7AI score0.08902EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the SeaMonkey software package allows a malicious attacker to execute arbitrary code or cause a service failure.

The SeaMonkey software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service interruptions by manipulating server permissions...

10CVSS7.6AI score0.04648EPSS
Exploits1References4
bdu_fstec
bdu_fstec
added 2016/04/19 12:0 a.m.6 views

DNS BIND server vulnerability, allowing attackers to cause service failures

The vulnerability in the resolver.c function of the BIND DNS server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an error message indicating “Assertion failure” or the termination o...

4.3CVSS6.8AI score0.2262EPSS
Exploits0References2Affected Software1
nessus
nessus
added 2016/03/04 12:0 a.m.27 views

Fedora 23 : glibc-2.22-9.fc23 (2016-0f9e9a34ce)

This updates addresses a critical security vulnerability in the DNS resolver related to AFUNSPEC queries with getaddrinfo CVE-2015-7547. In addition, a bug that causes Hesiod lookups to fail with a crash is fixed. Note that Tenable Network Security has extracted the preceding description block...

8.1CVSS8AI score0.89557EPSS
Exploits17References4
bdu_fstec
bdu_fstec
added 2016/02/24 12:0 a.m.8 views

The vulnerability of the glibc library, which allows a hacker to cause a service failure or execute arbitrary code

The vulnerability of the libresolv component in the glibc library is related to multiple buffer overflows in the senddg and sendvc functions. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code by sending specially crafted DNS requests that trigger...

9.3CVSS8.5AI score0.89557EPSS
Exploits17References9Affected Software3
Rows per page
Query Builder