19 matches found
Mozilla: Malicious extensions could have spoofed popup information
The Mozilla Foundation Security Advisory describes this issue as: A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website...
openSUSE Security Update : MozillaFirefox / MozillaThunderbird / mozilla-nspr (openSUSE-2015-290)
Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox : - Miscellaneou...
ISC BIND 8 Remote Cache Poisoning Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...
Microsoft Windows DNS Insufficient Socket Entropy (MS08-037) - High Confidence (CVE-2008-1447)
There exists a DNS Cache Poisoning vulnerability in Microsoft DNS servers and clients. A remote attacker can exploit this vulnerability to poison the DNS cache by sending malicious responses to DNS requests, thereby redirecting Internet traffic to illegitimate sites. In a successful attack case,...
Microsoft Windows DNS Insufficient Socket Entropy (MS08-037; CVE-2008-1447)
There exists a DNS Cache Poisoning vulnerability in Microsoft DNS servers and clients. A remote attacker can exploit this vulnerability to poison the DNS cache by sending malicious responses to DNS requests, thereby redirecting Internet traffic to illegitimate sites. In a successful attack case,...
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Apache Traffic Server is prone to a remote DNS cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle,...
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Apache Traffic Server is prone to a remote DNS cache-poisoning vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Mozilla Firefox 3.5.1 - Error Page Address Bar URI Spoofing
source: https://www.securityfocus.com/bid/35803/info Mozilla Firefox is affected by a URI-spoofing vulnerability. An attacker may leverage this issue by inserting arbitrary content to spoof a URI presented to an unsuspecting user. This may lead to a false sense of trust because the victim may be...
GLSA-200804-22 : PowerDNS Recursor: DNS Cache Poisoning
The remote host is affected by the vulnerability described in GLSA-200804-22 PowerDNS Recursor: DNS Cache Poisoning Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers CVE-2008-1637. Thomas Biege of SUSE pointed out th...
PowerDNS Recursor: DNS Cache Poisoning
Background The PowerDNS Recursor is an advanced recursing nameserver. Description Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers CVE-2008-1637. Thomas Biege of SUSE pointed out that a prior fix to resolve this iss...
ISC BIND 8 - Remote Cache Poisoning (2)
ISC BIND 8 - Remote Cache Poisoning 2 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...
ISC BIND 8 - Remote Cache Poisoning (1)
ISC BIND 8 - Remote Cache Poisoning 1 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...
ISC BIND 8 - Remote Cache Poisoning (1)
source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or...
GLSA-200504-03 : Dnsmasq: Poisoning and Denial of Service vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-03 Dnsmasq: Poisoning and Denial of Service vulnerabilities Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team al...
Dnsmasq: Poisoning and Denial of Service vulnerabilities
Background Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server. Description Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team also discovered two off-by-one...
Symantec Enterprise Firewall 7.08.0 - DNSD DNS Cache Poisoning
Symantec Enterprise Firewall 7.08.0 - DNSD DNS Cache Poisoning source: https://www.securityfocus.com/bid/10557/info It is reported that dnsd is prone to a cache poisoning vulnerability. Dnsd does not ensure that the data returned from a remote DNS server contains related information about the...
Symantec Enterprise Firewall 7.0/8.0 - DNSD DNS Cache Poisoning
source: https://www.securityfocus.com/bid/10557/info It is reported that dnsd is prone to a cache poisoning vulnerability. Dnsd does not ensure that the data returned from a remote DNS server contains related information about the requested records. An attacker could exploit this vulnerability to...
Microsoft Internet Explorer 5.0.1 Opera 7.51 - URI Obfuscation
Microsoft Internet Explorer 5.0.1 Opera 7.51 - URI Obfuscation source: https://www.securityfocus.com/bid/10517/info A weakness is reported in Microsoft Internet Explorer and Opera allowing an attacker to obfuscate the URI of a link. This could facilitate the impersonation of legitimate web sites ...
Microsoft Internet Explorer 5.0.1 / Opera 7.51 - URI Obfuscation
source: https://www.securityfocus.com/bid/10517/info A weakness is reported in Microsoft Internet Explorer and Opera allowing an attacker to obfuscate the URI of a link. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users...