From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-201202-04.xml | 64 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 metadata/glsa/glsa-201202-04.xml (limited to 'metadata/glsa/glsa-201202-04.xml') diff --git a/metadata/glsa/glsa-201202-04.xml b/metadata/glsa/glsa-201202-04.xml new file mode 100644 index 000000000000..ec90803cd34d --- /dev/null +++ b/metadata/glsa/glsa-201202-04.xml @@ -0,0 +1,64 @@ + + + + PowerDNS: Denial of Service + A vulnerability in PowerDNS could allow a remote attacker to create + a Denial of Service condition. + + pdns + 2012-02-22 + 2012-02-22: 1 + 398403 + remote + + + 3.0.1 + 3.0.1 + + + +

The PowerDNS nameserver is an authoritative-only nameserver which uses a + flexible backend architecture. +

+ + +

A vulnerability has been found in PowerDNS which could cause a packet + loop of DNS responses. +

+ + +

A remote attacker could send specially crafted DNS response packets, + possibly resulting in a Denial of Service condition. +

+ + +

PowerDNS users can set "cache-ttl=0" in /etc/powerdns/pdns.conf and then + restart the PowerDNS daemon: +

+ + + # /etc/init.d/pdns restart + + +

Please review the PowerDNS Security Advisory below for more workaround + details. +

+ + +

All PowerDNS users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-dns/pdns-3.0.1" + + + + + CVE-2012-0206 + PowerDNS + Security Advisory 2012-01 + + + ackle + ackle + -- cgit v1.2.3