26 matches found
EUVD-2013-4615
Malware in sbrugna...
EUVD-2008-4373
Malware in sbrugna...
EUVD-2012-3386
Malware in sbrugna...
RUSTSEC-2023-0041 Remote Attackers can cause Denial-of-Service (packet loops) with crafted DNS packets
trust-dns and trust-dns-server are vulnerable to remotely triggered denial-of-service attacks, consuming both network and CPU resources. DNS messages with the QR=1 bit set are responded to with a FormErr response. This allows creating a traffic loop, in which these FormErr responses are sent...
Design/Logic Flaw
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
Unspecified Vulnerability in HCC Embedded InterNiche (CNVD-2021-59226)
HCC Embedded InterNiche is a newsletter software. An unspecified vulnerability exists in HCC Embedded InterNiche, which can be exploited to allow an attacker to be able to predict the source port of a DNS query, and then send spoofed DNS response packets that may be accepted as valid answers...
Denial Of Service (DoS)
libvirt is vulnerable to denial of service DoS attacks. The vulnerability exists as Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoof...
Microsoft Windows DNS Server Spoofing - Ver2 (CVE-2007-3898)
There exits a vulnerability in Microsoft Windows DNS Server. The flaw is caused by predictable transaction identifiers in DNS requests generated. A remote attacker may leverage this vulnerability to use spoofed DNS responses to poison the DNS cache on the target system...
CVE-2013-4769
The cloud controller aka CLC component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service traffic amplification via spoofed DNS queries...
Phony Fax Leads to Metasploit, Rapid7 DNS Hijacking
A pro-Palestine hacker collective went old-school in its takedown of the Metasploit and Rapid7 websites today. Metasploit creator and HD Moore confirmed via Twitter that Metasploit.com was hacked via a spoofed DNS change request sent via fax to its registrar, Register.com. “Hacking like it’s 1964...
CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...
CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...
Code injection
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...
Code injection
Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix...
CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...
CVE-2012-3411
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...
CVE-2012-3411
CVE-2012-3411 affects dnsmasq when used with certain libvirt configurations. Dnsmasq versions earlier than 2.63test1 can reply to requests from prohibited interfaces, enabling a remote attacker to trigger a denial-of-service via a spoofed DNS query (traffic amplification). Public-affecting adviso...
CVE-2012-3416
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...
Design/Logic Flaw
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...
CVE-2012-3416
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...