exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2021-3672

Status Candidate

Overview

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

Related Files

Gentoo Linux Security Advisory 202405-29
Posted May 9, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-29 - Multiple vulnerabilities have been discovered in Node.js. Versions greater than or equal to 16.20.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-7774, CVE-2021-22883, CVE-2021-22884, CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-37701, CVE-2021-37712, CVE-2021-39134
SHA-256 | 896f93d8be3fd63618f8c7828d363945d93c89399750559db27ad47c3598d38a
Gentoo Linux Security Advisory 202401-02
Posted Jan 5, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-2 - Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity. Versions greater than or equal to 1.19.0 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-3672, CVE-2022-4904
SHA-256 | f55f7b8be0123269cf0a3020e3f41c3abd725971d2971cd48e32c027598008a2
Red Hat Security Advisory 2022-5188-01
Posted Jun 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5188-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902
SHA-256 | de99e1a865995c3cb23cb50bcf37b75b678a3a66147e77f88143a4717bf81758
Red Hat Security Advisory 2022-5132-01
Posted Jun 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-23222, CVE-2021-25219, CVE-2021-31566, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902, CVE-2022-24407
SHA-256 | bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07
Red Hat Security Advisory 2022-4880-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4880-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-23820, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-41190, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271
SHA-256 | c63643705f44dff2556cecc50e362faec1c7302c8cda104e2a0666de9f499543
Red Hat Security Advisory 2022-2043-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2043-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3672
SHA-256 | e108f148a1af54fb45ba9b223d0fd6dc59250d1e1df679442e56a5005bfb99b4
Red Hat Security Advisory 2021-3666-01
Posted Sep 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3666-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | c3e88fe61108ab45d44ef8e7ffedeed0ae53649beffdf3ca315f12cedd7d9b64
Red Hat Security Advisory 2021-3638-01
Posted Sep 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | 2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7
Red Hat Security Advisory 2021-3639-01
Posted Sep 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | 9af482c5f609c49bcc196fd310a95efd28a894a47260f53bda01540c21a0be32
Red Hat Security Advisory 2021-3623-01
Posted Sep 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3623-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | e179f4dbe148fdbdace9806a19f7395a84125ca2e4c6340fc7e2f527f5e7ff75
Red Hat Security Advisory 2021-3281-01
Posted Aug 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3281-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | a97b7a091b22d8e6f19348d372008be17ab2db2ec0672614160373556b6097c8
Red Hat Security Advisory 2021-3280-01
Posted Aug 29, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3280-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | f81e943687d783d753939b62f38493f546f7dcb8c0ef9e04785e923bb274be6e
Debian Security Advisory 4954-1
Posted Aug 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4954-1 - Philipp Jeitner and Haya Shulman discovered a flaw in c-ares, a library that performs DNS requests and name resolution asynchronously. Missing input validation of hostnames returned by DNS servers can lead to output of wrong hostnames (leading to Domain Hijacking).

tags | advisory
systems | linux, debian
advisories | CVE-2021-3672
SHA-256 | 0afbe743df467a029837a5ef0d6b4aca372c7816ee3d9c7768d240a3039adced
Ubuntu Security Notice USN-5034-2
Posted Aug 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5034-2 - USN-5034-1 fixed a vulnerability in c-ares. This update provides the corresponding update for Ubuntu 16.04 ESM. Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3672
SHA-256 | b6272743ed2999c6a9272961639371f6244f52741e00ff251e4e0c7e801567c4
Ubuntu Security Notice USN-5034-1
Posted Aug 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5034-1 - Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3672
SHA-256 | f458f3e21f0b136385b4278a91f13b23b253397410de44fb127932612c80f6af
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close