13 matches found
[SECURITY] [DLA 3855-1] pdns-recursor security update
Debian LTS Advisory DLA-3855-1 [email protected] https://www.debian.org/lts/security/ ; Daniel Leidert July 01, 2024 https://wiki.debian.org/LTS Package : pdns-recursor Version : 4.1.11-1+deb10u2 CVE...
Debian dla-3855 : pdns-recursor - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3855 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3855-1 [email protected]...
Mageia: Security Advisory (MGASA-2020-0286)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : pdns-recursor (openSUSE-2020-1687)
This update for pdns-recursor fixes the following issues : -pdns-recursorwas updated to 4.1.1 and 4.3.5 : - CVE-2020-25829: Fixed a cache pollution related to DNSSEC validation boo1177383 - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302. C...
OPENSUSE-SU-2020:1101-1 Security update for pdns-recursor
This update for pdns-recursor fixes the following issues: - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302. This update was imported from the openSUSE:Leap:15.2:Update update project...
OPENSUSE-SU-2020:1055-1 Security update for pdns-recursor
This update for pdns-recursor fixes the following issues: - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302. This update was imported from the openSUSE:Leap:15.1:Update update project...
openSUSE: Security Advisory for pdns-recursor (openSUSE-SU-2020:1005-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : pdns-recursor (openSUSE-2020-1005)
This update for pdns-recursor fixes the following issues : - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
OPENSUSE-SU-2020:1005-1 Security update for pdns-recursor
This update for pdns-recursor fixes the following issues: - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication boo1173302...
Updated pdns-recursor packages fix security vulnerability
Updated pdns-recursor package fixes security vulnerability: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the...
FreeBSD : powerdns-recursor -- access restriction bypass (641cd669-bc37-11ea-babf-6805ca2fa271)
PowerDNS Team reports : CVE-2020-14196: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction. In the...
CVE-2020-14196
PowerDNS Recursor (pdns-recursor) is affected by CVE-2020-14196, where the ACL restricting access to the internal web server is not properly enforced in versions up to 4.3.1, 4.2.2 and 4.1.16. Several connected advisories confirm this issue and note that mitigations involve upgrading to a fixed p...
powerdns-recursor -- access restriction bypass
PowerDNS Team reports: CVE-2020-14196: An issue has been found in PowerDNS Recursor where the ACL applied to the internal web server via webserver-allow-from is not properly enforced, allowing a remote attacker to send HTTP queries to the internal web server, bypassing the restriction. In the...