Package: pdns-recursor Version: all Severity: critical Tags: security, fixed-upstream
CVE-2006-4251: " PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a buffer overflow which might be exploitable [..] PowerDNS Recursor 3.1.3 and previous miscalculate the length of incoming TCP DNS queries, and will attempt to read up to 4 gigabytes of query into a 65535 byte buffer. We have not verified if this problem might actually lead to a system compromise, but are acting on the assumption that it might. [..] Impact Potential remote system compromise. " See http://doc.powerdns.com/powerdns-advisory-2006-01.html Fixed upstream: http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/915 http://ds9a.nl/tmp/cve-2006-4251.patch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
