PT-2018-4978 · Powerdns+1 · Powerdns Authoritative Server+1

Mongo

Publicado

2017-01-13

Atualizado

2024-06-15

CVE-2016-7072

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions PowerDNS Authoritative Server versions prior to 3.4.11 PowerDNS Authoritative Server versions prior to 4.0.2

Description A remote, unauthenticated attacker can cause a denial of service by opening a large number of TCP connections to the web server, potentially triggering an exception and terminating the PowerDNS process if the web server runs out of file descriptors.

Recommendations For PowerDNS Authoritative Server versions prior to 3.4.11, update to version 3.4.11 or later. For PowerDNS Authoritative Server versions prior to 4.0.2, update to version 4.0.2 or later.

Correção

DoS

RCE

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-400

Identificadores relacionados

ALT-PU-2017-1425

CVE-2016-7072

DLA-798-1

DSA-3764-1

MGASA-2017-0033

OPENSUSE-SU-2024:11156-1

Produtos afetados

Alt Linux

Powerdns Authoritative Server

PT-2018-4978 · Powerdns+1 · Powerdns Authoritative Server+1

CVE-2016-7072

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 47