14 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-3871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building ...
Fedora Update for pdns FEDORA-2019-c9c2f3b3eb
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for pdns FEDORA-2019-08b1477c9d
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : pdns (2019-2fca900a42)
Update to 4.1.7 Release notes: https://doc.powerdns.com/authoritative/changelog/4.1.htmlchange-4.1.7 Security Advisory: https://doc.powerdns.com/authoritative/security-advisories/powerdns-ad visory-2019-03.html Note that Tenable Network Security has extracted the preceding description block...
Debian DSA-4424-1 : pdns - security update
Adam Dobrawy, Frederico Silva and Gregory Brzeski from HyperOne.com discovered that pdns, an authoritative DNS server, did not properly validate user-supplied data when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend. This would allow a remote user to cause...
[SECURITY] [DSA 4424-1] pdns security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4424-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 04, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4424-1] pdns security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4424-1 [email protected] https://www.debian.org/security/ Sebastien Delafond April 04, 2019 https://www.debian.org/security/faq -...
OPENSUSE-SU-2019:1128-1 Security update for pdns
This update for pdns fixes the following issue: Security issue fixed: - CVE-2019-3871: Fixed an insufficient validation in the HTTP remote backend which could allow a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one bsc1129734...
Security update for pdns (important)
openSUSE Security Update: Security update for pdns Announcement ID: openSUSE-SU-2019:1128-1 Rating: important References: 1129734 Cross-References: CVE-2019-3871 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUSE Package Hub for SUSE Linux Enterprise 12 An...
Updated pdns packages fix security vulnerability
Updated pdns packages fix security vulnerability: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode without post=1 set, allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured...
[SECURITY] [DLA 1737-1] pdns security update
Package : pdns Version : 3.4.1-4+deb8u9 CVE ID : CVE-2019-3871 Debian Bug : 924966 A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector ...
Fedora 29 : pdns (2019-9993d32c48)
Update to 4.1.7 Release notes: https://doc.powerdns.com/authoritative/changelog/4.1.htmlchange-4.1.7 Security Advisory: https://doc.powerdns.com/authoritative/security-advisories/powerdns-ad visory-2019-03.html Note that Tenable Network Security has extracted the preceding description block...
[ASA-201903-13] powerdns: insufficient validation
Arch Linux Security Advisory ASA-201903-13 ========================================== Severity: High Date : 2019-03-22 CVE-ID : CVE-2019-3871 Package : powerdns Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-927 Summary ======= The package powerdns before...
CVE-2019-3871
The CVE-2019-3871 issue affects PowerDNS Authoritative Server prior to 4.0.7 and prior to 4.1.7. Affected component: HTTP Connector of the Remote backend; root cause: insufficient validation of user-provided data when building an HTTP request from a DNS query. Impact described in connected source...