Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2025/01/15 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-7203-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.4AI score0.06041EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.20 views

openSUSE Security Update : pdns (openSUSE-2019-403)

This update for pdns fixes the following issues : Security issues fixed : - CVE-2018-1046: Fix an issue with replaying a specially crafted PCAP file that can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution bsc1092540. %NASLMINLEVEL 70300 C Tenabl...

9.3CVSS7.8AI score0.01411EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/07/16 8:29 p.m.19 views

CVE-2018-1046

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overfl...

9.3CVSS7.6AI score0.01411EPSS
Exploits0References3
CVE
CVE
added 2018/07/16 8:0 p.m.82 views

CVE-2018-1046

The CVE concerns pdns (PowerDNS Authoritative) where dnsreplay is vulnerable to a stack-based buffer overflow when replaying a crafted PCAP file, and specifically when the -ecs-stamp option is used. Affected software is PowerDNS Authoritative (pdns) before version 4.1.2. The issue can cause a cra...

9.3CVSS7.8AI score0.01411EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/12 1:46 p.m.5 views

SUSE-SU-2018:1660-1 Security update for pdns

This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-1046: Fix an issue with replaying a specially crafted PCAP file that can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution bsc1092540...

9.3CVSS8AI score0.01411EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2018/05/29 6:7 p.m.69 views

opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Tue, 29 May 2018 18:07:29 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: &lt;<a href="msg00112.html">[email protected]</a>&gt;</li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for pdns<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1462-1<br> Rating: low<br> References: #1092540 <br> Cross-References: CVE-2018-1046<br> Affected Products:<br> SUSE Package Hub for SUSE Linux Enterprise 12<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> <br> pdns was updated to 4.1.2.<br> <br> Security fixes:<br> <br> * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046<br> bsc#1092540)<br> <br> Improvements:<br> <br> * API: increase serial after dnssec related updates<br> * Auth: lower ‘packet too short’ loglevel<br> * Make check-zone error on rows that have content but shouldn’t<br> * Auth: avoid an isane amount of new backend connections during an axfr<br> * Report unparseable data in stoul invalid_argument exception<br> * Backport: recheck serial when axfr is done<br> * Backport: add tcp support for alias<br> <br> Bug Fixes:<br> <br> * Auth: allocate new statements after reconnecting to postgresql<br> * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer)<br> * Rather than crash, sheepishly report no file/linenum<br> * Document undocumented config vars<br> * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate<br> <br> Misc fixes:<br> <br> * Move includes around to avoid boost L conflict<br> * Backport: update edns option code list<br> * Auth: link dnspcap2protobuf against librt when needed<br> * Fix a warning on botan &amp;gt;= 2.5.0<br> * Auth 4.1.x: unbreak build<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or &quot;zypper patch&quot;.<br> <br> Alternatively you can run the command listed for your product:<br> <br> - SUSE Package Hub for SUSE Linux Enterprise 12:<br> <br> zypper in -t patch openSUSE-2018-538=1<br> <br> <br> <br> Package List:<br> <br> - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x <br> x86_64):<br> <br> pdns-4.1.2-8.1<br> pdns-backend-godbc-4.1.2-8.1<br> pdns-backend-ldap-4.1.2-8.1<br> pdns-backend-lua-4.1.2-8.1<br> pdns-backend-mydns-4.1.2-8.1<br> pdns-backend-mysql-4.1.2-8.1<br> pdns-backend-postgresql-4.1.2-8.1<br> pdns-backend-remote-4.1.2-8.1<br> pdns-backend-sqlite3-4.1.2-8.1<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2018-1046.html">https://www.suse.com/security/cve/CVE-2018-1046.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1092540">https://bugzilla.suse.com/1092540</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> &lt; Previous </td> <td align="right"> Next &gt; </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for pdns</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)

pdns was updated to 4.1.2. Security fixes: Dnsreplay: bail out on a too small outgoing buffer CVE-2018-1046 bsc1092540 Improvements: API: increase serial after dnssec related updates Auth: lower ‘packet too short’ loglevel Make check-zone error on rows that have content but shouldn’t Auth:...

0.01411EPSS
Exploits0References1
OSV
OSV
added 2018/05/29 10:59 a.m.7 views

OPENSUSE-SU-2018:1462-1 Security update for pdns

pdns was updated to 4.1.2. Security fixes: Dnsreplay: bail out on a too small outgoing buffer CVE-2018-1046 bsc1092540 Improvements: API: increase serial after dnssec related updates Auth: lower ‘packet too short’ loglevel Make check-zone error on rows that have content but shouldn’t Auth: avoid ...

9.3CVSS7.7AI score0.01411EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.30 views

openSUSE Security Update : pdns (openSUSE-2018-532)

This update for pdns fixes the following issues : Security issues fixed : - CVE-2018-1046: Fix an issue with replaying a specially crafted PCAP file that can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution bsc1092540. %NASLMINLEVEL 70300 C Tenabl...

9.3CVSS7.8AI score0.01411EPSS
Exploits0References2
Mageia
Mageia
added 2018/05/24 4:30 p.m.24 views

Updated pdns packages fix security vulnerability

A stack-based buffer overflow in the dnsreplay tool occurring when replaying a specially crafted PCAP file with the --ecs-stamp option enabled, leading to a denial of service or potentially arbitrary code execution CVE-2018-1046...

9.3CVSS4.1AI score0.01411EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/05/24 12:0 a.m.31 views

openSUSE Security Update : pdns (openSUSE-2018-491)

This update for pdns fixes the following issue : - CVE-2018-1046: An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code executio...

9.3CVSS7.8AI score0.01411EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/05/23 3:9 p.m.63 views

Security update for pdns (moderate)

This update for pdns fixes the following issue: - CVE-2018-1046: An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution...

4.8AI score0.01411EPSS
Exploits0References1
Rows per page
Query Builder