Lucene search
K

44 matches found

Oracle linux
Oracle linux
added 2022/02/03 12:0 a.m.198 views

bind security update

32:9.8.2-0.68.rc1.0.3.8 - Backport fix for CVE-2018-5741 Orabug: 33496185 32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215 32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749 32:9.8.2-0.68.rc1.8 - Fix...

10CVSS7.3AI score0.95182EPSS
Exploits60
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2021:14603-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS5.7AI score0.86692EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2021:0163-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.86692EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.25 views

openSUSE Security Update : dnsmasq (openSUSE-2021-124)

This update for dnsmasq fixes the following issues : - bsc1177077: Fixed DNSpooq vulnerabilities - CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. - CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflow...

8.3CVSS6.7AI score0.86692EPSS
Exploits2References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/20 12:0 a.m.51 views

Security update for dnsmasq (important)

openSUSE Security Update: Security update for dnsmasq Announcement ID: openSUSE-SU-2021:0124-1 Rating: important References: 1176076 1177077 Cross-References: CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2020-25687 Affected Products: openSUSE Leap...

8.3CVSS6.7AI score0.86692EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.31 views

SUSE SLES15 Security Update : dnsmasq (SUSE-SU-2021:0162-1)

This update for dnsmasq fixes the following issues : bsc1177077: Fixed DNSpooq vulnerabilities CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when...

8.3CVSS6.7AI score0.86692EPSS
Exploits2References17
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.42 views

SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2021:0166-1)

This update for dnsmasq fixes the following issues : bsc1177077: Fixed DNSpooq vulnerabilities CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when...

8.3CVSS6.7AI score0.86692EPSS
Exploits2References17
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.32 views

SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2021:0163-1)

This update for dnsmasq fixes the following issues : bsc1177077: Fixed DNSpooq vulnerabilities CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks. CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when...

8.3CVSS6.7AI score0.86692EPSS
Exploits2References17
OSV
OSV
added 2021/01/19 11:11 a.m.18 views

SUSE-SU-2021:14604-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: Security issues fixed: - CVE-2020-25684, CVE-2020-25685, CVE-2020-25686: Fixed multiple Cache Poisoning attacks bsc1177077. - CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687: Fixed multiple potential Heap-based overflows when DNSS...

8.3CVSS6.1AI score0.86692EPSS
Exploits2References10
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.39 views

dnsmasq security and bug fix update

2.76-16 - Fix strict-mode retries on REFUSED 1755610 2.76-15 - Forward non-recursive queries to upstream, but serve local names 1755610 2.76-14 - Stop treating SERVFAIL as successful response 1815080 2.76-13 - Do not ignore DHCPv6 relay messages 1757247 2.76-12 - Fix memory leak in createhelper...

4.3CVSS0.9AI score0.02664EPSS
Exploits0
Hacker One
Hacker One
added 2020/04/24 9:0 p.m.127 views

Open-Xchange: Recursor accepts unsigned, empty NXDOMAINs in secure zones

Hi! This is a slightly edited version of the email I sent to the project's security contacts on 2020-04-21. Open-Xchange confirmed it and asked me to resubmit it here. --- Subject: Recursor may be accepting unsigned, empty NXDOMAINs in secure zones I can easily reproduce this against Cloudflare's...

5CVSS0.3AI score0.02434EPSS
Exploits0
OSV
OSV
added 2019/07/16 6:15 p.m.32 views

CVE-2019-10190

A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of...

7.5CVSS7.5AI score0.01993EPSS
Exploits0References5
Prion
Prion
added 2019/07/16 6:15 p.m.19 views

Input validation

A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of...

5CVSS7.4AI score0.01993EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2019/01/16 8:29 p.m.21 views

CVE-2018-5734

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected...

7.5CVSS7.4AI score0.06236EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/01/16 8:0 p.m.25 views

CVE-2018-5734 A malformed request can trigger an assertion failure in badcache.c

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected...

7.5CVSS7.4AI score0.06236EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.18 views

Fedora 28 : knot-resolver (2018-389bc4e911)

Knot Resolver 2.3.0 2018-04-23 ================================ Security -------- - fix CVE-2018-1110: denial of service triggered by malformed DNS messages !550, !558, security!2, security!4 - increase resilience against slow lorris attack security!5 Bugfixes -------- - validation: fix SERVFAIL ...

7.5CVSS7.2AI score0.0111EPSS
Exploits0References2
Prion
Prion
added 2018/11/09 7:29 p.m.26 views

Design/Logic Flaw

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

4.3CVSS5.8AI score0.04839EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/11/09 7:29 p.m.1 views

UBUNTU-CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

5.9CVSS7AI score0.04839EPSS
Exploits0References5
OSV
OSV
added 2018/11/09 7:29 p.m.1 views

DEBIAN-CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

5.9CVSS6.4AI score0.04839EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/11/09 12:0 a.m.3 views

PT-2018-12638 · Powerdns +3 · Powerdns Recursor +3

Name of the Vulnerable Software and Affected Versions: PowerDNS Recursor versions 4.0.0 through 4.1.4 Description: A remote attacker can send a DNS query for a meta-type like OPT, leading to a zone being wrongly cached as failing DNSSEC validation. This issue arises when the parent zone is signed...

9.8CVSS6.3AI score0.59469EPSS
Exploits0References64
Rows per page
Query Builder