4 matches found
Fedora 27 : yadifa (2017-4f2fbc84d9)
20170912: YADIFA 2.2.6 --- Fixes an issue where a maliciously crafted message may block the server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much a...
Debian DSA-4001-1 : yadifa - security update
It was discovered that YADIFA, an authoritative DNS server, did not sufficiently check its input. This allowed a remote attacker to cause a denial-of-service by forcing the daemon to enter an infinite loop. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
CVE-2017-14339
YADIFA DNS server (versions before 2.2.6) is affected by CVE-2017-14339 due to a DNS packet parser that does not detect infinite pointer loops, enabling an attacker to cause an infinite loop with high CPU usage and a non-responsive server. The issue is resolved in 2.2.6; affected systems should u...
CVE-2017-14339
The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive...