 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2019.0122 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2019-0122) |
| Zusammenfassung: | The remote host is missing an update for the 'pdns' package(s) announced via the MGASA-2019-0122 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'pdns' package(s) announced via the MGASA-2019-0122 advisory. Vulnerability Insight: Updated pdns packages fix security vulnerability: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers (CVE-2019-3871). Affected Software/OS: 'pdns' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-3871 BugTraq ID: 107491 http://www.securityfocus.com/bid/107491 Bugtraq: 20190404 [SECURITY] [DSA 4424-1] pdns security update (Google Search) https://seclists.org/bugtraq/2019/Apr/8 Debian Security Information: DSA-4424 (Google Search) https://www.debian.org/security/2019/dsa-4424 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/ https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html https://lists.debian.org/debian-lts-announce/2019/03/msg00039.html http://www.openwall.com/lists/oss-security/2019/03/18/4 SuSE Security Announcement: openSUSE-SU-2019:1128 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |