|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200502-15] PowerDNS: Denial of Service vulnerability Vulnerability Scan
Vulnerability Scan Summary PowerDNS: Denial of Service vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200502-15
(PowerDNS: Denial of Service vulnerability)
A vulnerability has been reported in the DNSPacket::expand method
of dnspacket.cc.
Impact
A possible hacker could cause a temporary Denial of Service by sending a
random stream of bytes to the PowerDNS Daemon.
Workaround
There is no known workaround at this time.
References:
http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-17
http://ds9a.nl/cgi-bin/cvstrac/pdns/tktview?tn=21
Solution:
All PowerDNS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/pdns-2.9.17"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|