Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.878029 |
Kategorie: | Fedora Local Security Checks |
Titel: | Fedora: Security Advisory for adns (FEDORA-2020-530188bf36) |
Zusammenfassung: | The remote host is missing an update for the 'adns'; package(s) announced via the FEDORA-2020-530188bf36 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'adns' package(s) announced via the FEDORA-2020-530188bf36 advisory. Vulnerability Insight: adns is a resolver library for C (and C++) programs. In contrast with the existing interfaces, gethostbyname et al and libresolv, it has the following features: - It is reasonably easy to use for simple programs which just want to translate names to addresses, look up MX records, etc. - It can be used in an asynchronous, non-blocking, manner. Many queries can be handled simultaneously. - Responses are decoded automatically into a natural representation for a C program - there is no need to deal with DNS packet formats. - Sanity checking (eg, name syntax checking, reverse/forward correspondence, CNAME pointing to CNAME) is performed automatically. - Time-to-live, CNAME and other similar information is returned in an easy-to-use form, without getting in the way. - There is no global state in the library, resolver state is an opaque data structure which the client creates explicitly. A program can have several instances of the resolver. - Errors are reported to the application in a way that distinguishes the various causes of failure properly. - Understands conventional resolv.conf, but this can overridden by environment variables. - Flexibility. For example, the application can tell adns to: ignore environment variables (for setuid programs), disable sanity checks eg to return arbitrary data, override or ignore resolv.conf in favour of supplied configuration, etc. - Believed to be correct ! For example, will correctly back off to TCP in case of long replies or queries, or to other nameservers if several are available. It has sensible handling of bad responses etc. Affected Software/OS: 'adns' package(s) on Fedora 32. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-9105 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRVHN3GGVNQWAOL3PWC5FLAV7HUESLZR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UGFZ4SPV6KFQK6ZNUZFB5Y32OYFOM5YJ/ http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git Common Vulnerability Exposure (CVE) ID: CVE-2017-9103 SuSE Security Announcement: openSUSE-SU-2020:0827 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00037.html Common Vulnerability Exposure (CVE) ID: CVE-2017-9104 Common Vulnerability Exposure (CVE) ID: CVE-2017-9109 Common Vulnerability Exposure (CVE) ID: CVE-2017-9106 Common Vulnerability Exposure (CVE) ID: CVE-2017-9107 Common Vulnerability Exposure (CVE) ID: CVE-2017-9108 |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |