722 matches found
CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
FreeBSD : unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack (e27ee4fc-cdc9-45a1-8242-09898cdbdc91)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e27ee4fc-cdc9-45a1-8242-09898cdbdc91 advisory. [email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has be...
ISC BIND Cache-Poisoning Vulnerability (CVE-2025-40776, Birthday Attack) - Linux
ISC BIND is prone to a cache-poisoning vulnerability Birthday Attack against Resolvers supporting ECS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
UBUNTU-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
SUSE CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
SUSE CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
DEBIAN-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
ALPINE-CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
CVE-2025-5994 describes a rebirthday cache-poisoning risk in ECS-enabled caching resolvers. Affected product: Unbound (if built with ECS support and configured to send ECS data upstream). Root cause: need to segregate outgoing queries by ECS info; otherwise an attacker could exploit DNS transacti...
CVE-2025-5994 Cache poisoning via the ECS-enabled Rebirthday Attack
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
CVE-2025-5994
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...
ALPINE-CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
CVE-2025-40776
A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
PT-2025-29825 · Isc · Bind
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.3-S1 through 9.16.50-S1 BIND 9 versions 9.18.11-S1 through 9.18.37-S1 BIND 9 versions 9.20.9-S1 through 9.20.10-S1 Description: A named caching resolver configured to send ECS EDNS Client Subnet options may be vulnerable ...
unbound -- Cache poisoning via the ECS-enabled Rebirthday Attack
[email protected] reports: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information...
PT-2025-29837 · Nlnet +7 · Unbound +7
Name of the Vulnerable Software and Affected Versions: Unbound affected versions not specified Description: A multi-vendor cache poisoning vulnerability, named 'Rebirthday Attack', has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is vulnerable when compiled wi...
NLnet Unbound 安全漏洞
NLnet Unbound is an open source DNS server from the Dutch NLnet team. A security vulnerability exists in NLnet Unbound that stems from a risk of cache poisoning when supporting EDNS Client Subnet, which could lead to a Rebirthday attack...
Open5GS Buffer Overflow Vulnerability (CNVD-2025-18574)
Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a buffer overflow vulnerability that is caused by incorrect bounds checking in the ogspfcpsubnetadd function in the pfcp library. No detailed...