904 matches found
DEBIAN-CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation...
CVE-2019-3806
PowerDNS Recursor (pdns-recursor) version range affected: after 4.1.3 up to before 4.1.9. The issue stems from Lua hooks not being properly applied to TCP queries in certain settings, potentially bypassing security policies enforced via Lua. Exploitation details are not provided in the supplied d...
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation...
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation...
CVE-2019-3806
An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua...
CVE-2019-3807
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation...
CVE-2019-3806
An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua...
CVE-2019-3806
An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua...
CVE-2019-3807
PowerDNS Recursor (4.1.x before 4.1.9) has a DNSSEC validation bypass in responses where AA=0; records in the answer section from authoritative servers were not properly validated. Public reports reference PowerDNS Recursor 4.1.9+ fixes, with Fedora/OpenSUSE advisories noting fixes in 2019 (and l...
FreeBSD : powerdns-recursor -- multiple vulnerabilities (40d92cc5-1e2b-11e9-bef6-6805ca2fa271)
PowerDNS Team reports : CVE-2019-3806: An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua. When the recursor is configured to run with...
Security update for pdns-recursor (important)
openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2019:0100-1 Rating: important References: 1121889 Cross-References: CVE-2019-3807 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...
[ASA-201901-13] powerdns-recursor: multiple issues
Arch Linux Security Advisory ASA-201901-13 ========================================== Severity: Medium Date : 2019-01-24 CVE-ID : CVE-2019-3806 CVE-2019-3807 Package : powerdns-recursor Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-856 Summary ======= The package...
MGASA-2019-0051 Updated pdns-recursor package fixes security vulnerabilities
An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua CVE-2019-3806. An issue has been found in PowerDNS Recursor where records in the...
Updated pdns-recursor package fixes security vulnerabilities
An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua CVE-2019-3806. An issue has been found in PowerDNS Recursor where records in the...
PowerDNS Recursor 4.1.x < 4.1.9 DNSSEC Signature Vulnerability
An issue has been found in PowerDNS Recursor where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation. SPDX-FileCopyrightText: 2019 Greenbone AG Some text description...
PowerDNS Recursor 4.1.4 < 4.1.9 Lua Hooks Vulnerability
An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted...
powerdns-recursor -- multiple vulnerabilities
PowerDNS Team reports: CVE-2019-3806: An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua. When the recursor is configured to run with...
MGASA-2019-0009 Updated pdns-recursor packages fix security vulnerabilities
A vulnerability was in found in PowerDNS Recursor. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows a malicious auth server to cause a...
Updated pdns-recursor packages fix security vulnerabilities
A vulnerability was in found in PowerDNS Recursor. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows a malicious auth server to cause a...
Fedora 28 : pdns-recursor (2018-c341b70641)
Fixes CVE-2018-16855 Crafted query can cause a denial of service ---- New upstream release with security fixes for CVE-2018-10851, CVE-2018-14626 and CVE-2018-14644 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...