25 matches found
Astra Linux – Vulnerability in python-kdcproxy
If kdcproxy receives a request for a realm whose configuration does not define any server addresses, it will, by default, query DNS zone records that match the requested realm name. This creates a server-side request-forgery vulnerability, as an attacker could send a request for a realm that...
EUVD-2024-0452
Malicious code in bioql PyPI...
DNS Record Scanner and Enumerator
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Record Scanner and Enumerator', 'Description' = %q This module can be used to gather information about a domain from a given DNS server by...
GHSA-WR2V-9RPQ-C35Q Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records
Vulnerability type Cryptography Workarounds Refer to the gateway documentation. The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV...
Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records
Vulnerability type Cryptography Workarounds Refer to the gateway documentation. The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV...
GHSA-H8G9-6GVH-5MRC etcd vulnerable to TOCTOU of gateway endpoint authentication
Vulnerability type Authentication Workarounds Refer to the gateway documentation. The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail The gateway only authenticates endpoints detected from DNS SRV records, and it only authenticates th...
etcd vulnerable to TOCTOU of gateway endpoint authentication
Vulnerability type Authentication Workarounds Refer to the gateway documentation. The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail The gateway only authenticates endpoints detected from DNS SRV records, and it only authenticates th...
etcd vulnerable to TOCTOU of gateway endpoint authentication
The vulnerability was spotted due to unclear documentation of how the gateway handles endpoints validation. Detail The gateway only authenticates endpoints detected from DNS SRV records, and it only authenticates the detected endpoints once...
dnsrecon 0.10.0 CSV Injection
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...
dnsrecon 0.10.0 - CSV Injection
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...
CVE-2020-15136
A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No...
CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
CVE-2020-15136 Improper authentication in etcd
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
CVE-2020-15136
CVE-2020-15136 affects etcd gateway behavior: TLS authentication is applied only to endpoints discovered via DNS SRV for a domain, with no authentication for endpoints provided via the --endpoints flag. Root cause is limited endpoint validation in the gateway’s discoverEndpoints flow. Impact: pot...
CVE-2020-15136
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
Integer overflow
An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated...
CVE-2018-4011
CUJO Smart Firewall mdnscap (firmware 7003) is affected by CVE-2018-4011: an integer underflow in SRV RDATA parsing during mDNS DNS RR processing leads to out-of-bounds heap access and a crash of the mdnscap process. The flaw arises when rdlength is small (e.g., 0x05) and the code subtracts 6 wit...
DNS Record Scanner and Enumerator
This module can be used to gather information about a domain from a given DNS server by performing various DNS queries such as zone transfers, reverse lookups, SRV record brute forcing, and other techniques. This module requires Metasploit: https://metasploit.com/download Current source:...