CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-19331 – Ubuntu Security Notice USN-7047-1
https://notcve.org/view.php?id=CVE-2019-19331
16 Dec 2019 — knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB). knot-resolver versiones anteriores a 4.3.0, es vulnerable a una denegación de servicio por medio de una alta utilización de la CPU. Las respuestas de DNS co... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19331 • CWE-404: Improper Resource Shutdown or Release CWE-407: Inefficient Algorithmic Complexity •
CVSS: 5.9EPSS: 1%CPEs: 5EXPL: 0CVE-2013-5661
https://notcve.org/view.php?id=CVE-2013-5661
05 Nov 2019 — Cache Poisoning issue exists in DNS Response Rate Limiting. Existe Un problema de envenenamiento de caché en el DNS Response Rate Limiting. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5661 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2019-16159 – Debian Security Advisory 4528-1
https://notcve.org/view.php?id=CVE-2019-16159
09 Sep 2019 — BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed. BIRD Internet Routing Da... • http://bird.network.cz • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10191 – Ubuntu Security Notice USN-7047-1
https://notcve.org/view.php?id=CVE-2019-10191
16 Jul 2019 — A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. Se detectó una vulnerabilidad en la resolución de DNS de knot resolver anteriores a la versión 4.1.0, que permite a los atacantes remotos degradar los dominios seguros de DNSSEC a un estado no seguro de DNSSEC, abriendo la posibilidad de un secuestro de ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10191 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-10190 – Ubuntu Security Notice USN-7047-1
https://notcve.org/view.php?id=CVE-2019-10190
16 Jul 2019 — A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191. Se detectó una vulnerabilidad en el componente de resolución de DNS de knot resolver hasta la versión 3.2.0 anterior ... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10190 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 1CVE-2018-10920
https://notcve.org/view.php?id=CVE-2018-10920
02 Aug 2018 — Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. Error de validación de entradas incorrecta en el componente DNS resolver de Knot Resolver, en versiones anteriores a la 2.4.1, permite que atacantes remotos envenenen la caché. • https://github.com/shutingrz/CVE-2018-10920_PoC • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-0486
https://notcve.org/view.php?id=CVE-2014-0486
27 Mar 2018 — Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message. Knot DNS, en versiones anteriores a la 1.5.2, permite que los atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante un mensaje DNS manipulado. • http://www.securityfocus.com/bid/70097 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000002
https://notcve.org/view.php?id=CVE-2018-1000002
22 Jan 2018 — Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. Errores de validación indebida de entradas en los componentes de validadores DNSSEC en Knot Resolver (en versiones anteriores a la 1.5.2) permiten que un atacante Man-in-the-Middle (MitM) niegue la existencia de algunos datos en DNS mediante la reproducción de paquetes. • https://www.knot-resolver.cz/2018-01-22-knot-resolver-1.5.2.html • CWE-20: Improper Input Validation •