15 matches found
Technitium DNS Amplification
RISK EVALUATION Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause a vulnerable system to generate excessive network traffic. 2. RECOMMENDED PRACTICES Fixed in version 15.0. 3. DESCRIPTION Technitium...
EUVD-2010-3609
Malware in sbrugna...
EulerOS Virtualization 2.12.1 : systemd (EulerOS-SA-2024-2318)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cau...
EulerOS 2.0 SP12 : systemd (EulerOS-SA-2024-2228)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...
EulerOS 2.0 SP9 : dnsmasq (EulerOS-SA-2024-1954)
According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2024-1974)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...
EulerOS 2.0 SP12 : dnsmasq (EulerOS-SA-2024-1851)
According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cause a denial of...
AZL-34440 CVE-2023-50387 affecting package unbound for versions less than 1.19.1-1
Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...
CVE-2023-50387
Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG...
PT-2022-21780 · Unknown · Go-Resolver
Name of the Vulnerable Software and Affected Versions: go-resolver affected versions not specified Description: The issue is related to incorrect DNSSEC validation. An attacker can cause the package to report successful validation for invalid, attacker-controlled records. The owner name of RRSIG...
AIX 6.1 TL 4 : bind9 (IV01118)
The security status of an NS RRset is not properly determined during a DNSKEY algorithm rollover which can allow a remote attacker to cause a denial of service. Signed negative responses and corresponding RRSIG records in the cache are not properly handled which can allow a remote attacker to cau...
[SECURITY] [DSA-2130-1] New BIND packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2130-1 [email protected] http://www.debian.org/security/ Florian Weimer December 10, 2010 http://www.debian.org/security/faq -...
CVE-2010-3613
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service daemon crash via a query for...
ISC BIND 9 9.4-ESV < 9.4-ESV-R4, 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3, 9.7.x < 9.7.2-P3 Multiple Vulnerabilities
According to its self-reported version number, the remote installation of BIND is affected by multiple vulnerabilities : - Failure to clear existing RRSIG records when a NO DATA is negatively cached could cause subsequent lookups to crash named. CVE-2010-3613 - Named, when acting as a DNSSEC...
ISC BIND 9.4-ESV < 9.4-ESV-R4 / 9.6.2 < 9.6.2-P3, 9.6-ESV < 9.6-ESV-R3 / 9.7.x < 9.7.2-P3 Multiple Vulnerabilities
Binary data 5718.prm...