FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC


k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID  Description
61d89849-43cb-11eb-aba5-00a09858faf5  powerdns -- Various issues in GSS-TSIG support

PowerDNS developers report:

A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature.

A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.

A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution by sending crafted queries with a GSS-TSIG signature.


Discovery 2020-08-27
Entry 2020-12-21
powerdns
< 4.4.0

CVE-2020-24696
CVE-2020-24697
CVE-2020-24698
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html
e3200958-dd6c-11e6-ae1b-002590263bf5  powerdns -- multiple vulnerabilities

PowerDNS reports:

2016-02: Crafted queries can cause abnormal CPU usage

2016-03: Denial of service via the web server

2016-04: Insufficient validation of TSIG signatures

2016-05: Crafted zone record can cause a denial of service


Discovery 2016-12-15
Entry 2017-01-18
powerdns
< 3.4.11
>= 4.0.0, < 4.0.2

powerdns-recursor
< 3.7.4
>= 4.0.0, < 4.0.4

CVE-2016-7068
CVE-2016-7072
CVE-2016-7073
CVE-2016-7074
CVE-2016-2120
ports/216135
ports/216136
https://doc.powerdns.com/md/security/powerdns-advisory-2016-02/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-03/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-04/
https://doc.powerdns.com/md/security/powerdns-advisory-2016-05/
https://blog.powerdns.com/2017/01/13/powerdns-authoritative-server-4-0-2-released/
https://blog.powerdns.com/2017/01/13/powerdns-recursor-4-0-4-released/
6001cfc6-9f0f-4fae-9b4f-9b8fae001425  PowerDNS -- Insufficient validation in the HTTP remote backend

PowerDNS developers report:

An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers.


Discovery 2019-03-18
Entry 2019-03-19
powerdns
< 4.1.7

https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
CVE-2019-3871
0aee2f13-ec1d-11e8-8c92-6805ca2fa271  powerdns -- Multiple vulnerabilities

PowerDNS Team reports:

CVE-2018-10851: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause a memory leak by inserting a specially crafted record in a zone under their control, then sending a DNS query for that record. The issue is due to the fact that some memory is allocated before the parsing and is not always properly released if the record is malformed. When the PowerDNS Authoritative Server is run inside the guardian (--guardian), or inside a supervisor like supervisord or systemd, an out-of-memory crash will lead to an automatic restart, limiting the impact to a somewhat degraded service.

CVE-2018-14626: An issue has been found in PowerDNS Authoritative Server allowing a remote user to craft a DNS query that will cause an answer without DNSSEC records to be inserted into the packet cache and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific qname and qtype. For a DNSSEC-signed domain, this means that DNSSEC validating clients will consider the answer to be bogus until it expires from the packet cache, leading to a denial of service.


Discovery 2018-11-06
Entry 2018-11-19
powerdns
< 4.1.5

https://doc.powerdns.com/authoritative/changelog/4.1.html
CVE-2018-10851
CVE-2018-14626
1c21f6a3-9415-11e9-95ec-6805ca2fa271  powerdns -- multiple vulnerabilities

PowerDNS Team reports:

CVE-2019-10162: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.

CVE-2019-10163: An issue has been found in PowerDNS Authoritative Server allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.


Discovery 2019-06-21
Entry 2019-06-21
powerdns
< 4.1.10

https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.10
CVE-2019-10162
CVE-2019-10163