Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/02/24 1:30 p.m.14 views

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

6.9CVSS6.9AI score0.00223EPSS
Exploits1References1
OSV
OSV
added 2025/01/30 8:15 p.m.10 views

CVE-2024-10603

Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances...

5.3CVSS6.7AI score
Exploits0References4
Cvelist
Cvelist
added 2025/01/30 7:14 p.m.30 views

CVE-2024-10603

Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances...

6.3CVSS0.00258EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.44 views

Scientific Linux Security Update : bind on SL 3.0.x , SL 4.x, SL 5.x

The DNS protocol protects against spoofing attacks by requiring an attacker to predict both the DNS transaction ID and UDP source port of a request. In recent years, a number of papers have found problems with DNS implementations which make it easier for an attacker to perform DNS cache-poisoning...

6.8CVSS6.5AI score0.95182EPSS
Exploits20References2
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.43 views

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. To exploit th...

6.8CVSS6.6AI score0.95182EPSS
Exploits20References3
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.46 views

CentOS Update for bind CESA-2008:0533 centos4 i386

Check for the Version of bind OpenVAS Vulnerability Test CentOS Update for bind CESA-2008:0533 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

5CVSS7.1AI score0.95182EPSS
Exploits20References2
Tenable Nessus
Tenable Nessus
added 2008/08/15 12:0 a.m.33 views

openSUSE 10 Security Update : dnsmasq (dnsmasq-5512)

This update of dnsmasq uses random UDP source ports and a random TRXID now. CVE-2008-1447 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dnsmasq-5512. The text description of this plugin is C...

6.8CVSS6.6AI score0.95182EPSS
Exploits20References1
Tenable Nessus
Tenable Nessus
added 2008/07/10 12:0 a.m.38 views

CentOS 3 / 4 / 5 : bind / selinux-policy (CESA-2008:0533)

Updated bind packages that help mitigate DNS spoofing attacks are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 10th July 2008 We have updated the Enterprise Linux 5 packages in this advisory. The default and sample...

6.8CVSS6.6AI score0.95182EPSS
Exploits20References10
Gentoo Linux
Gentoo Linux
added 2008/04/18 12:0 a.m.49 views

PowerDNS Recursor: DNS Cache Poisoning

Background The PowerDNS Recursor is an advanced recursing nameserver. Description Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers CVE-2008-1637. Thomas Biege of SUSE pointed out that a prior fix to resolve this iss...

6.8CVSS6.3AI score0.03964EPSS
Exploits1
Debian CVE
Debian CVE
added 2008/04/02 5:0 p.m.43 views

CVE-2008-1637

PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate 1 TRXID values and 2 UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to a algorithmic deficiencies in rand and random functions in external libraries, b use of a 32-bit seed...

6.8CVSS6.3AI score0.03964EPSS
Exploits1
Rows per page
Query Builder