openSUSE Security Update : pdns (openSUSE-2017-112)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for pdns fixes the following issues :

- CVE-2016-2120: Crafted zone record could have caused a
denial of service (bsc#1018329).

- CVE-2016-7068: Crafted queries could have caused
abnormal CPU usage (bsc#1018326).

- CVE-2016-7072: Denial of service via the web server
(bsc#1018327).

- CVE-2016-7073: Fixed insufficient validation of TSIG
signatures (bsc#1018328).

- CVE-2016-7074: Fixed insufficient validation of TSIG
signatures ((bsc#1018328).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1018326
https://bugzilla.opensuse.org/show_bug.cgi?id=1018327
https://bugzilla.opensuse.org/show_bug.cgi?id=1018328
https://bugzilla.opensuse.org/show_bug.cgi?id=1018329

Solution :

Update the affected pdns packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 96583 ()

Bugtraq ID:

CVE ID: CVE-2016-2120
CVE-2016-7068
CVE-2016-7072
CVE-2016-7073
CVE-2016-7074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now