26 matches found
DEBIAN-CVE-2026-14461
mtr is vulnerable to Out-of-bound read vulnerability in ipinfolookup function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME...
CVE-2026-10652 Out-of-bounds read in Zephyr DNS resolver TXT/SRV record parsing (unvalidated `rdlength`)
Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...
CVE-2026-10652 Out-of-bounds read in Zephyr DNS resolver TXT/SRV record parsing (unvalidated `rdlength`)
Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...
CVE-2026-41234 Froxlor: BIND Zone File Injection via TXT Record Content
Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...
GHSA-37M5-M4Q3-FC6X Froxlor: BIND Zone File Injection via TXT Record Content
Summary The DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record line in the generated BIND zone file. This enables injection of arbitra...
HTTPS Fetch, DNS TXT Record Payload Download and Execution
Fetch and execute an x86 payload from an HTTPS server. Performs a TXT query against a series of DNS records and executes the returned x86 shellcode. The DNSZONE option is used as the base name to iterate over. The payload will first request the TXT contents of the a hostname, followed by b, then ...
CVE-2025-57403
Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...
CVE-2025-57403
Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...
CVE-2025-57403
Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...
CVE-2025-57403
Cola Dnslog v1.3.2 is affected by a Directory Traversal vulnerability in the DNS TXT query handling. The root cause is the application concatenating the requested URL (or a portion) with a base path via os.path.join, allowing directory traversal or absolute path injection and potentially exposing...
PT-2025-53599
Name of the Vulnerable Software and Affected Versions Cola Dnslog version 1.3.2 Description The application processes DNS queries for TXT records by concatenating the requested URL with a base path using os.path.join. This allows for directory traversal or absolute path injection. Successful...
CVE-2025-57403
Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL or a portion of it directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to th...
Cola Dnslog 安全漏洞
Cola Dnslog is a no-reply vulnerability detection aid platform for individual AbelChe developers. A security vulnerability exists in Cola Dnslog v1.3.2, which stems from the direct splicing of request URLs and base paths when processing TXT record DNS queries, which may lead to directory traversa...
The vulnerability of the decomp_get_rddata function in the Decompress.c file of the MaraDNS system’s software allows a attacker to perform a “denial-of-service” attack.
The vulnerability of the decompgetrddata function in the Decompress.c file of the MaraDNS system implementation is caused by a numerical overflow during the processing of DNS packets with an Answer RR qtype of 16 TXT record and any qclass. Exploiting this vulnerability could allow a remote attack...
UBUNTU-CVE-2024-24150
A memory leak issue discovered in parseSWFTEXTRECORD in libming v0.4.8 allows attackers to cause a denial of service via a crafted SWF file...
DEBIAN-CVE-2023-31137
MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...
SUSE CVE-2014-4049
Heap-based buffer overflow in the phpparserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service crash and possibly execute arbitrary code via a crafted DNS TXT record, related to the dnsgetrecord function...
Videolabs libmicrodns Input Validation Error Vulnerability
Videolabs libmicrodns is a cross-platform mDNS multicast DNS resolver from Videolabs Labs in France. An input validation error vulnerability exists in the TXT record parsing feature of Videolabs libmicrodns 0.1.0. The vulnerability stems from a network system or product that does not properly...
UBUNTU-CVE-2020-6073
An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...
libming integer overflow vulnerability (CNVD-2018-03001)
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. An integer overflow vulnerability exists in the 'outputSWFTEXTRECORD' function in the util/outputscript.c file in libming 0.4.8 and earlier...