 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.66776 |
| Kategorie: | Debian Local Security Checks |
| Titel: | Debian Security Advisory DSA 1968-2 (pdns-recursor) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to pdns-recursor announced via advisory DSA 1968-2. It was discovered that pdns-recursor, the PowerDNS recursive name server, contains a cache poisoning vulnerability which may allow attackers to trick the server into serving incorrect DNS data (CVE-2009-4010). This DSA provides a security update for the old stable distribution (etch), similar to the previous update in DSA-1968-1. (Note that the etch version of pdns-recursor was not vulnerable to CVE-2009-4009.) Extra care should be applied when installing this update. It is an etch backport of the lenny version of the package (3.1.7 with security fixes applied). Major differences in internal domain name processing made backporting just the security fix too difficult. For the old stable distribution (etch), this problem has been fixed in version 3.1.4+v3.1.7-0+etch1. We recommend that you upgrade your pdns-recursor package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%201968-2 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-4010 BugTraq ID: 37653 http://www.securityfocus.com/bid/37653 Bugtraq: 20100106 Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2 (Google Search) http://www.securityfocus.com/archive/1/508743/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html http://securitytracker.com/id?1023404 http://secunia.com/advisories/38004 http://secunia.com/advisories/38068 http://www.vupen.com/english/advisories/2010/0054 XForce ISS Database: powerdns-zones-spoofing(55439) https://exchange.xforce.ibmcloud.com/vulnerabilities/55439 Common Vulnerability Exposure (CVE) ID: CVE-2009-4009 BugTraq ID: 37650 http://www.securityfocus.com/bid/37650 http://securitytracker.com/id?1023403 XForce ISS Database: powerdns-unspecified-bo(55438) https://exchange.xforce.ibmcloud.com/vulnerabilities/55438 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |