AVG-147

Package powerdns
Status Fixed
Severity Medium
Type multiple issues
Affected 4.0.1-7
Fixed 4.0.2-1
Current 4.1.1-1 [community]
Ticket None
Created Wed Jan 18 16:23:21 2017
Issue Severity Remote Type Description
CVE-2016-7074 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7073 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7072 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number...
CVE-2016-7068 Medium Yes Denial of service
An issue has been found in PowerDNS allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending...
CVE-2016-2120 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to crash the server by inserting a specially crafted record in a zone...
Date Advisory Package Description
19 Jan 2017 ASA-201701-29 powerdns multiple issues
References
http://seclists.org/oss-sec/2017/q1/97
https://doc.powerdns.com/md/security/powerdns-advisory-2016-02/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-03/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-05/