GLSA-202012-19 : PowerDNS Recursor: Denial of service

The remote host is affected by the vulnerability described in GLSA-202012-19 PowerDNS Recursor: Denial of service It was discovered that it was possible to update the DNSSEC validation state to a bogus state for a cached record via DNS ANY query. Impact : A remote attacker could send specially...

PowerDNS Recursor: Denial of service

Background PowerDNS Recursor is a high-end, high-performance resolving name server. Description It was discovered that it was possible to update the DNSSEC validation state to a bogus state for a cached record via DNS ANY query. Impact A remote attacker could send specially crafted DNS queries to...

[SECURITY] Fedora 32 Update: pdns-recursor-4.3.5-1.fc32

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

Fedora: Security Advisory for pdns-recursor (FEDORA-2020-81026ddd81)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 32 : pdns-recursor (2020-81026ddd81)

Update to 4.3.5 Release notes: https://docs.powerdns.com/recursor/security-advisories/powerdns-adviso ry-2020-07.html Security Advisory: https://docs.powerdns.com/recursor/security-advisories/powerdns-adviso ry-2020-07.html Note that Tenable Network Security has extracted the preceding...

PowerDNS Recursor < 4.1.18, 4.2.0 < 4.2.4, 4.3.0 < 4.3.4 DoS Vulnerability

PowerDNS Recursor is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora 33 : pdns-recursor (2020-51ca2615fe)

Update to 4.3.5 Release notes: https://docs.powerdns.com/recursor/security-advisories/powerdns-adviso ry-2020-07.html Security Advisory: https://docs.powerdns.com/recursor/security-advisories/powerdns-adviso ry-2020-07.html Note that Tenable Network Security has extracted the preceding...

Updated pdns-recursor package fixes a security vulnerability

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...

Fedora: Security Advisory for pdns-recursor (FEDORA-2020-51ca2615fe)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 33 Update: pdns-recursor-4.3.5-1.fc33

PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network...

FreeBSD : powerdns-recursor -- cache pollution (a6860b11-0dee-11eb-94ff-6805ca2fa271)

PowerDNS Team reports : CVE-2020-25829: An issue has been found in PowerDNS Recursor where a remote attacker can cause the cached records for a given name to be updated to the 'Bogus' DNSSEC validation state, instead of their actual DNSSEC 'Secure' state, via a DNS ANY query. This results in a...

openSUSE Security Update : pdns-recursor (openSUSE-2020-1687)

This update for pdns-recursor fixes the following issues : -pdns-recursorwas updated to 4.1.1 and 4.3.5 : - CVE-2020-25829: Fixed a cache pollution related to DNSSEC validation boo1177383 - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302. C...

Denial Of Service (DoS)

pdns-recursor is vulnerable to denial of service. A remote attacker is able to cause the cached records for a given name to be updated to the Bogus DNSSEC validation state instead of their actual DNSSEC Secure state via a DNS ANY query, resulting in a denial of service condition for the...

openSUSE: Security Advisory for pdns-recursor (openSUSE-SU-2020:1687-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[ASA-202010-6] powerdns-recursor: denial of service

Arch Linux Security Advisory ASA-202010-6 ========================================= Severity: High Date : 2020-10-18 CVE-ID : CVE-2020-25829 Package : powerdns-recursor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1243 Summary ======= The package powerdns-recurs...

OPENSUSE-SU-2020:1687-1 Security update for pdns-recursor

This update for pdns-recursor fixes the following issues: -pdns-recursorwas updated to 4.1.1 and 4.3.5: - CVE-2020-25829: Fixed a cache pollution related to DNSSEC validation boo1177383 - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302...

Security update for pdns-recursor (important)

openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2020:1687-1 Rating: important References: 1173302 1177383 Cross-References: CVE-2020-14196 CVE-2020-25829 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE...

CVE-2020-25829

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...

CVE-2020-25829

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...

DEBIAN-CVE-2020-25829

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...