Page 38 of 230 results (0.003 seconds)

CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. Múltiples desbordamientos de búfer en la pila en las rutinas de manejo de errores de la libreria minires, como es usada en la capacidad NSUPDATE de ISC DHCPD 3.0 A 3.0.1RC10, permite a atacantes remotos ejecutar código arbitrario mediante un mensaje DHCP conteniendo un nombre de host largo. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 http://www.cert.org/advisories/CA-2003-01.html http://www.ciac.org/ciac/bulletins/n-031.shtml http://www.debian.org/security/2003/dsa-231 http://www.kb.cert.org/vuls/id/284857 http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html http://www.redhat.com/support •

CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0

The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYJ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html •

CVSS: 5.0EPSS: 1%CPEs: 31EXPL: 0

BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://secunia.com/advisories/20217 http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDPYP http://www.kb.cert.org/vuls/id/IAFY-5FDT4U http://www.kb.cert.org/vuls/id/IAFY-5FZSLQ http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html http://www.securityfocus.com/archive/1/434523/100/0/threaded •

CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0

The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf http://www.kb.cert.org/vuls/id/457875 http://www.kb.cert.org/vuls/id/IAFY-5FDT5K http://www.rnp.br/cais/alertas/2002/cais-ALR-19112002a.html •

CVSS: 5.0EPSS: 12%CPEs: 11EXPL: 1

BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. BIND 8.3.x a 8.3.3 permite a atacantes remotos causar una denegación de servicio (terminación debido a fallo en aseveración) mediante una petición para un subdominio que no existe, con un registro de recurso OPT con una carga UDP grande. • https://www.exploit-db.com/exploits/22011 http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html http://marc.info/?l=bugtraq&m=103713117612842&w=2 http://marc.info/?l=bugtraq&m=103763574715133&w=2 http://online.securityfocus.com/advisories/4999 http://online.securityfocus.com/archive/1/300019 http://www.cert.org/advisories/CA-2002-31.html http://www.ciac.org/ciac/bulletins/n-013. •