PT-2005-3229 · Powerdns · Powerdns+1
Wilco Baan
·
Published
2005-07-19
·
Updated
2016-10-18
·
CVE-2005-2301
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions:
PowerDNS versions prior to 2.9.18
Description:
The issue is related to PowerDNS running with an LDAP backend, where it does not properly escape LDAP queries. This allows remote attackers to cause a denial of service, resulting in the failure to answer LDAP questions, and possibly conduct an LDAP injection attack.
Recommendations:
For versions prior to 2.9.18, update to version 2.9.18 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Powerdns
Powerdns Authoritative Server