Download
| Alert*
|
oval:org.secpod.oval:def:1800885
CVE-2016-2120: Crafted zone record can cause a denial of service Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Authorita ... oval:org.secpod.oval:def:111928 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:111930 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:111944 The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. oval:org.secpod.oval:def:602736 Florian Heinz and Martin Kluge reported that pdns-recursor, a recursive DNS server, parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a parti ... oval:org.secpod.oval:def:1800453 CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Recursor up to and including 3.7.3, 4.0.3Not affected: PowerDNS Recursor 3.7.4, 4.0.4 Reference Patches CVE-2016-7073, CVE-2016-7074: Insufficient validation of TSIG signatures Affects: PowerDNS Recursor from 4.0.0 and up ... oval:org.secpod.oval:def:111947 The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. oval:org.secpod.oval:def:602737 Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advantage ... |
