6 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-10030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker with enough privileges to change the system's hostname to...
Fedora 32 : pdns-recursor (2020-d9abb0c06d)
Fixes CVE-2020-10995, CVE-2020-12244 and CVE-2020-10030 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
FreeBSD : powerdns-recursor -- multiple vulnerabilities (f9c5a410-9b4e-11ea-ac3f-6805ca2fa271)
PowerDNS Team reports : CVE-2020-10995: An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between...
openSUSE Security Update : pdns-recursor (openSUSE-2020-698)
This update for pdns-recursor fixes the following issues : - update to 4.1.16 - fixes an issue where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated CVE-2020-12244, boo1171553 - fixes an issue where invalid hostname on the server can result in...
PowerDNS Recursor 4.1.0 < 4.1.16, 4.2.0 < 4.2.2, 4.3.0 Multiple Vulnerabilities
PowerDNS Recursor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:powerdns:recursor";...
CVE-2020-10030
PowerDNS Recursor (versions 4.1.0–4.3.0) is affected by CVE-2020-10030. A stack-based out-of-bounds read occurs when an attacker with privileges to change the hostname triggers disclosure of uninitialized memory due to gethostname() not null-terminating the returned string for hostnames larger th...