49 matches found
Denial Of Service (DoS)
knot-resolver is vulnerable to Denial Of Service DoS. The vulnerability exists because the single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response, allowing an attacker to crash the application...
SUSE CVE-2016-0742
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service invalid pointer dereference and worker process crash via a crafted UDP DNS response...
MGASA-2022-0388 Updated bind packages fix security vulnerability
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 By spoofing the target resolver with responses that have a malformed ECDSA...
CVE-2022-3080 BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
By sending specific queries to the resolver, an attacker can cause named to crash...
F5 Networks BIG-IP : BIG-IP DNS resolver vulnerability (K85054496)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K85054496 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS...
golang: net: lookup functions may return invalid host names
A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integri...
CVE-2020-20249
Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service...
OPENSUSE-SU-2021:1815-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...
SUSE-SU-2021:1792-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write bsc1186126...
Mikrotik RouterOs 缓冲区错误漏洞
MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. Mikrotik RouterOs has a memory corruption vulnerability in the /nova/bin/resolver process. A remote attacker could...
Treck TCP/IP Input Validation Error Vulnerability
Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An input validation error vulnerability exists in the DNS resolver program component of Treck TCP/IP. An attacker could exploit this vulnerability to...
CVE-2019-16791
In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...
EUVD-2018-2974
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache...
GNU C Library DNS Spoofing Vulnerability
The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the DNS stub resolver in the GNU C Library. An attacker can exploit this vulnerability to perform a DNS spoofing attack...
ISC BIND 9 DNS Recursive Resolver Denial of Service Vulnerability
ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A denial of service vulnerability exists in the BIND 9 DNS recursive resolver, where a server performing a recursive operation that receives a response...
The vulnerability of the SeaMonkey software package allows a malicious attacker to execute arbitrary code or cause a service failure.
The SeaMonkey software contains a vulnerability in the nsHostResolver::ConditionalRefreshRecord function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service interruptions by manipulating server permissions...
DNS BIND server vulnerability, allowing attackers to cause service failures
The vulnerability in the resolver.c function of the BIND DNS server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an error message indicating “Assertion failure” or the termination o...
Fedora 23 : glibc-2.22-9.fc23 (2016-0f9e9a34ce)
This updates addresses a critical security vulnerability in the DNS resolver related to AFUNSPEC queries with getaddrinfo CVE-2015-7547. In addition, a bug that causes Hesiod lookups to fail with a crash is fixed. Note that Tenable Network Security has extracted the preceding description block...
The vulnerability of the glibc library, which allows a hacker to cause a service failure or execute arbitrary code
The vulnerability of the libresolv component in the glibc library is related to multiple buffer overflows in the senddg and sendvc functions. Exploiting this vulnerability allows an attacker to cause service failures or execute arbitrary code by sending specially crafted DNS requests that trigger...