Linux Distros Unpatched Vulnerability : CVE-2016-7074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter...

Debian: Security Advisory (DLA-798-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2016-7074

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leadi...

PowerDNS Security Advisory 2016-04: Insufficient validation of TSIG signatures

Two issues have been found in PowerDNS Authoritative Server allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a...

CVE-2016-7074

CVE-2016-7074 affects PowerDNS (authoritative server and recursor): insufficient TSIG validation allows MITM to alter AXFR content due to missing check that the TSIG record is last, enabling parsing of records outside the TSIG scope. Affected: PowerDNS versions before 3.4.11/4.0.2 and recursor be...

Fedora 24 : pdns (2017-bb0b9ddf27)

Update to 4.0.3 - Security fix for CVE-2016-2120, CVE-2016-7068, CVE-2016-7072, CVE-2016-7073, CVE-2016-7074 Release notes 4.0.2: https://doc.powerdns.com/md/changelog/powerdns-authoritative-server-4 02 Release notes 4.0.3: https://doc.powerdns.com/md/changelog/powerdns-authoritative-server-4 03...

Fedora 25 : pdns (2017-cbd5501d31)

Update to 4.0.3 - Security fix for CVE-2016-2120, CVE-2016-7068, CVE-2016-7072, CVE-2016-7073, CVE-2016-7074 Release notes 4.0.2: https://doc.powerdns.com/md/changelog/powerdns-authoritative-server-4 02 Release notes 4.0.3: https://doc.powerdns.com/md/changelog/powerdns-authoritative-server-4 03...

Fedora Update for pdns FEDORA-2017-cbd5501d31

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-798-1 : pdns security update

Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take...

[SECURITY] [DLA 798-1] pdns security update

Package : pdns Version : 3.1-4.1+deb7u3 CVE ID : CVE-2016-2120 CVE-2016-7068 CVE-2016-7072 CVE-2016-7073 CVE-2016-7074 Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems:...

Fedora Update for pdns-recursor FEDORA-2017-8308bc2a6e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201701-29] powerdns: multiple issues

Arch Linux Security Advisory ASA-201701-29 ========================================== Severity: Medium Date : 2017-01-19 CVE-ID : CVE-2016-2120 CVE-2016-7068 CVE-2016-7072 CVE-2016-7073 CVE-2016-7074 Package : powerdns Type : multiple issues Remote : Yes Link :...

openSUSE Security Update : pdns (openSUSE-2017-112)

This update for pdns fixes the following issues : - CVE-2016-2120: Crafted zone record could have caused a denial of service bsc1018329. - CVE-2016-7068: Crafted queries could have caused abnormal CPU usage bsc1018326. - CVE-2016-7072: Denial of service via the web server bsc1018327. -...

Debian DSA-3764-1 : pdns - security update

Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take...

Debian Security Advisory DSA 3764-1 (pdns - security update)

Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advanta...

Debian: Security Advisory (DSA-3764-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...