Download
| Alert*
oval:org.secpod.oval:def:1800885
CVE-2016-2120: Crafted zone record can cause a denial of service Affects: PowerDNS Authoritative Server up to and including 3.4.10, 4.0.1Not affected: PowerDNS Authoritative Server 3.4.11, 4.0.2 Reference Patches CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Authorita ... oval:org.secpod.oval:def:111928 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:111930 PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. oval:org.secpod.oval:def:111944 The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. oval:org.secpod.oval:def:1800453 CVE-2016-7068: Crafted queries can cause abnormal CPU usage Affects: PowerDNS Recursor up to and including 3.7.3, 4.0.3Not affected: PowerDNS Recursor 3.7.4, 4.0.4 Reference Patches CVE-2016-7073, CVE-2016-7074: Insufficient validation of TSIG signatures Affects: PowerDNS Recursor from 4.0.0 and up ... oval:org.secpod.oval:def:111947 The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. oval:org.secpod.oval:def:602737 Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advantage ... oval:org.secpod.oval:def:1901554 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading ... |