10 matches found
CVE-2024-10604
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...
CVE-2024-10603
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances...
CVE-2024-10603
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances...
Scientific Linux Security Update : bind on SL 3.0.x , SL 4.x, SL 5.x
The DNS protocol protects against spoofing attacks by requiring an attacker to predict both the DNS transaction ID and UDP source port of a request. In recent years, a number of papers have found problems with DNS implementations which make it easier for an attacker to perform DNS cache-poisoning...
Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit th...
CentOS Update for bind CESA-2008:0533 centos4 i386
Check for the Version of bind OpenVAS Vulnerability Test CentOS Update for bind CESA-2008:0533 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
openSUSE 10 Security Update : dnsmasq (dnsmasq-5512)
This update of dnsmasq uses random UDP source ports and a random TRXID now. CVE-2008-1447 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dnsmasq-5512. The text description of this plugin is C...
CentOS 3 / 4 / 5 : bind / selinux-policy (CESA-2008:0533)
Updated bind packages that help mitigate DNS spoofing attacks are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 10th July 2008 We have updated the Enterprise Linux 5 packages in this advisory. The default and sample...
PowerDNS Recursor: DNS Cache Poisoning
Background The PowerDNS Recursor is an advanced recursing nameserver. Description Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers CVE-2008-1637. Thomas Biege of SUSE pointed out that a prior fix to resolve this iss...
CVE-2008-1637
PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate 1 TRXID values and 2 UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to a algorithmic deficiencies in rand and random functions in external libraries, b use of a 32-bit seed...