{"vulnerability": "CVE-2020-2570", "sightings": [{"uuid": "9b766693-9144-415d-b302-223eb770c4e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "seen", "source": "MISP/8bf83bbc-da70-46f8-bc54-a31bfdf4e014", "content": "", "creation_timestamp": "2024-11-14T06:07:37.000000Z"}, {"uuid": "22c26075-6670-404f-9193-f8a6c4dc9f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "seen", "source": "https://t.me/cKure/2792", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Sad DNS Attack\u2014 New Flaws Re-Enable DNS Cache Poisoning Attacks.\n\nCVE-2020-25705\n\nhttps://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html", "creation_timestamp": "2020-11-13T08:01:15.000000Z"}, {"uuid": "0f19e28b-d19b-498d-bb26-dd8571e67263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25708", "type": "seen", "source": "https://t.me/cibsecurity/16902", "content": "\u203c CVE-2020-25708 \u203c\n\nA divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-27T20:50:21.000000Z"}, {"uuid": "7b65cddd-53c9-40f2-b6d9-1aa431bb299d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "seen", "source": "https://t.me/HackerOne/2833", "content": "\u26a1 SAD DNS Attack !!!\n\nA series of new vulnerabilities (CVE-2020-25705) in Linux, Windows, macOS, and FreeBSD systems re-enable classic DNS cache poisoning attack, leaving millions of users vulnerable.\n\nDetails: https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html", "creation_timestamp": "2020-11-13T08:17:27.000000Z"}, {"uuid": "b9fcce06-ba3a-4a92-92e1-15e037aaba25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "seen", "source": "https://t.me/thehackernews/897", "content": "\u26a1 SAD DNS Attack !!!\n\nA series of new vulnerabilities (CVE-2020-25705) in Linux, Windows, macOS, and FreeBSD systems re-enable classic DNS cache poisoning attack, leaving millions of users vulnerable.\n\nDetails: https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html", "creation_timestamp": "2020-11-13T08:14:44.000000Z"}, {"uuid": "833f1404-449a-4240-b801-de3e049cdf79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2089", "content": "#Research\n\"DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels\" (CVE-2020-25705), 2020.\n]-> PoC: https://github.com/tdwyer/CVE-2020-25705", "creation_timestamp": "2024-09-28T17:36:05.000000Z"}, {"uuid": "8e9cc10f-2e9a-435a-bceb-d0055620d1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25705", "type": "seen", "source": "https://t.me/cibsecurity/16425", "content": "\u203c CVE-2020-25705 \u203c\n\nA flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-17T07:38:29.000000Z"}, {"uuid": "f1966486-8a71-43fe-bdcf-d7bc53365f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25706", "type": "seen", "source": "https://t.me/cibsecurity/16208", "content": "\u203c CVE-2020-25706 \u203c\n\nA cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T16:31:41.000000Z"}, {"uuid": "ada7cb29-8b2b-4c0f-84fc-852b1dc7cf92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25702", "type": "seen", "source": "https://t.me/cibsecurity/16600", "content": "\u203c CVE-2020-25702 \u203c\n\nIn Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T20:41:38.000000Z"}, {"uuid": "1e3d7c86-29d0-47d2-a1c4-7ce0812c7970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25700", "type": "seen", "source": "https://t.me/cibsecurity/16602", "content": "\u203c CVE-2020-25700 \u203c\n\nIn moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, and 3.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T20:41:41.000000Z"}, {"uuid": "e1912637-64dd-4962-9cee-cda7cfe1ca5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25703", "type": "seen", "source": "https://t.me/cibsecurity/16606", "content": "\u203c CVE-2020-25703 \u203c\n\nThe participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T20:41:45.000000Z"}, {"uuid": "17e4fea7-8b39-45e5-8034-080868a6f0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25701", "type": "seen", "source": "https://t.me/cibsecurity/16608", "content": "\u203c CVE-2020-25701 \u203c\n\nIf the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, 3.5.15, and 3.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T20:41:47.000000Z"}]}