11 matches found
RHEL 7 : unbound (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unbound: command injection with data coming from a specially crafted IPSECKEY answer CVE-2019-18934 - A...
SUSE CVE-2017-15105
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence NXDOMAIN answer of an existing wildcard record, or trick unbound into accepting a NODATA proof...
SUSE CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist...
USN-4924-1 dnsmasq vulnerabilities
It was discovered that Dnsmasq incorrectly handled certain wildcard synthesized NSEC records. A remote attacker could possibly use this issue to prove the non-existence of hostnames that actually exist. CVE-2017-15107 It was discovered that Dnsmasq incorrectly handled certain large DNS packets. A...
Unbound Security Bypass Vulnerability
Unbound is a C-based open source recursive DNS server software maintained by NLnet Labs in the Netherlands. A security vulnerability exists in Unbound versions prior to 1.6.8, which stems from the program failing to properly validate wildcard records. An attacker could exploit this vulnerability ...
DEBIAN-CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist...
DEBIAN-CVE-2017-15105
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence NXDOMAIN answer of an existing wildcard record, or trick unbound into accepting a NODATA proof...
ALPINE-CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist...
UBUNTU-CVE-2017-15107
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist...
UBUNTU-CVE-2017-15105
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence NXDOMAIN answer of an existing wildcard record, or trick unbound into accepting a NODATA proof...
dns-brute NSE Script
Attempts to enumerate DNS hostnames by brute force guessing of common subdomains. With the dns-brute.srv argument, dns-brute will also try to enumerate common DNS SRV records. Wildcard records are listed as "A" and "AAAA" for IPv4 and IPv6 respectively. See also: dns-nsec3-enum.nse...