Download
| Alert*
oval:org.secpod.oval:def:107472
PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:107467 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:108819 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:602162 Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service . oval:org.secpod.oval:def:108795 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:602609 Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-5426 / CVE-2016-5427 Florian Heinz and Martin Kluge reported that the PowerDNS Authoritative Server accepts queries with a ... oval:org.secpod.oval:def:64147 Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers and insufficient validation of NXDOMAIN responses lacking an SOA. The version of pdns-recursor in the oldstable distribution is no longe ... oval:org.secpod.oval:def:1801537 CVE-2018-10851: Crafted answer can cause a denial of service¶ An issue has been found in PowerDNS Recursor allowing a malicious authoritative server to cause a memory leak by sending specially crafted records. The issue is due to the fact that some memory is allocated before the parsing and is ... oval:org.secpod.oval:def:1901074 An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash. oval:org.secpod.oval:def:605101 pdns-recursor is installed oval:org.secpod.oval:def:107468 pdns-recursor is installed oval:org.secpod.oval:def:601873 Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server : a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial-of-service. oval:org.secpod.oval:def:601874 pdns-recursor is installed oval:org.secpod.oval:def:1800454 pdns-recursor is installed oval:org.secpod.oval:def:111928 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:111930 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:602736 Florian Heinz and Martin Kluge reported that pdns-recursor, a recursive DNS server, parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a parti ... oval:org.secpod.oval:def:1800453 CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Recursor up to and including 3.7.3, 4.0.3Not affected: PowerDNS Recursor 3.7.4, 4.0.4 Reference Patches CVE-2016-7073, CVE-2016-7074: Insufficient validation of TSIG signatures Affects: PowerDNS Recursor from 4.0.0 and up ... oval:org.secpod.oval:def:1800688 CVE-2017-15090: Insufficient validation of DNSSEC signatures Affects:¶ PowerDNS Recursor from 4.0.0 and up to and including 4.0.6 Not affected:¶ PowerDNS Recursor oval:org.secpod.oval:def:113766 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:113761 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:114630 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:113781 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:53208 Toshifumi Sakaguchi discovered that PowerDNS Recursor, a high-performance resolving name server was susceptible to denial of service via a crafted CNAME answer. The oldstable distribution is not affected. oval:org.secpod.oval:def:603210 Toshifumi Sakaguchi discovered that PowerDNS Recursor, a high-performance resolving name server was susceptible to denial of service via a crafted CNAME answer. The oldstable distribution is not affected. oval:org.secpod.oval:def:3301091 SUSE Security Update: Security update for pdns-recursor oval:org.secpod.oval:def:115932 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:115935 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:1801769 An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction.changed the descriptionmade the issue visible to ever ... oval:org.secpod.oval:def:115635 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:115643 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:2004249 In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. oval:org.secpod.oval:def:2004251 PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply ... oval:org.secpod.oval:def:604865 Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers and insufficient validation of NXDOMAIN responses lacking an SOA. The version of pdns-recursor in the oldstable distribution is no longe ... oval:org.secpod.oval:def:1900810 When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor"s ACL by adding and removing netmasks, and to configure forward zones. It w ... oval:org.secpod.oval:def:1901267 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in ... oval:org.secpod.oval:def:602737 Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advantage ... oval:org.secpod.oval:def:1901554 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading ... oval:org.secpod.oval:def:613022 One of the upstream changes in the update released as DSA 5626 contained a regression in the zoneToCache function. Updated pdns-recursor packages are available to correct this issue. oval:org.secpod.oval:def:98523 It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server. oval:org.secpod.oval:def:3302356 Security update for pdns-recursor oval:org.secpod.oval:def:3300285 SUSE Security Update: Security update for pdns-recursor oval:org.secpod.oval:def:613070 It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursive forwarding is configured. |