FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
7d08e608-5e95-11e6-b334-002590263bf5BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers

ISC reports:

DNS protocols were designed with the assumption that a certain amount of trust could be presumed between the operators of primary and secondary servers for a given zone. However, in current practice some organizations have scenarios which require them to accept zone data from sources that are not fully trusted (for example: providers of secondary name service). A party who is allowed to feed data into a zone (e.g. by AXFR, IXFR, or Dynamic DNS updates) can overwhelm the server which is accepting data by intentionally or accidentally exhausting that server's memory.


Discovery 2016-07-06
Entry 2016-08-10
Modified 2017-04-24
bind99
le 9.9.9P2

bind910
le 9.10.4P2

bind911
le 9.11.0.b2

bind9-devel
le 9.12.0.a.2016.11.02

knot
knot1
< 1.6.8

knot2
< 2.3.0

nsd
< 4.1.11

powerdns
< 4.0.1

CVE-2016-6170
CVE-2016-6171
CVE-2016-6172
CVE-2016-6173
https://kb.isc.org/article/AA-01390
http://www.openwall.com/lists/oss-security/2016/07/06/4