 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.106120 |
| Kategorie: | Denial of Service |
| Titel: | PowerDNS Authoritative Server AXFR Response Denial of Service Vulnerability |
| Zusammenfassung: | PowerDNS Authoritative Server is prone to a denial of service vulnerability. |
| Beschreibung: | Summary: PowerDNS Authoritative Server is prone to a denial of service vulnerability. Vulnerability Insight: Primary DNS servers may cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message Vulnerability Impact: An authenticated remote attacker may cause a denial of service condition. Affected Software/OS: PowerDNS Authoritative Server Version <= 3.4.9 Solution: Update to version 4.0.1 or later CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6172 1036242 http://www.securitytracker.com/id/1036242 91678 http://www.securityfocus.com/bid/91678 DSA-3664 http://www.debian.org/security/2016/dsa-3664 [dns-operations] 20160704 DNS activities in Japan https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.html [oss-security] 20160706 Malicious primary DNS servers can crash secondaries http://www.openwall.com/lists/oss-security/2016/07/06/3 https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401 https://github.com/PowerDNS/pdns/issues/4128 https://github.com/PowerDNS/pdns/issues/4133 https://github.com/PowerDNS/pdns/pull/4134 https://github.com/sischkg/xfer-limit/blob/master/README.md openSUSE-SU-2016:2116 http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.html |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |