[3.5] pdns: Multiple vulnerabilities (CVE-2016-2120, CVE-2016-7068, CVE-2016-7072, CVE-2016-7073, CVE-2016-7074)ID: oval:org.secpod.oval:def:1800885 | Date: (C)2018-03-28 (M)2021-11-09 |
Class: PATCH | Family: unix |
CVE-2016-2120: Crafted zone record can cause a denial of service Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches CVE-2016-7072: Denial of service via the web server Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches CVE-2016-7073, CVE-2016-7074: Insufficient validation of TSIG signatures Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches
Platform: |
Alpine Linux 3.5 |