FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7d08e608-5e95-11e6-b334-002590263bf5	BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers ISC reports: DNS protocols were designed with the assumption that a certain amount of trust could be presumed between the operators of primary and secondary servers for a given zone. However, in current practice some organizations have scenarios which require them to accept zone data from sources that are not fully trusted (for example: providers of secondary name service). A party who is allowed to feed data into a zone (e.g. by AXFR, IXFR, or Dynamic DNS updates) can overwhelm the server which is accepting data by intentionally or accidentally exhausting that server's memory. Discovery 2016-07-06 Entry 2016-08-10 Modified 2017-04-24 bind99 <= 9.9.9P2 bind910 <= 9.10.4P2 bind911 <= 9.11.0.b2 bind9-devel <= 9.12.0.a.2016.11.02 knot knot1 < 1.6.8 knot2 < 2.3.0 nsd < 4.1.11 powerdns < 4.0.1 CVE-2016-6170 CVE-2016-6171 CVE-2016-6172 CVE-2016-6173 https://kb.isc.org/article/AA-01390 http://www.openwall.com/lists/oss-security/2016/07/06/4

VuXML ID

Description

7d08e608-5e95-11e6-b334-002590263bf5

BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers

ISC reports:

DNS protocols were designed with the assumption that a certain amount of trust could be presumed between the operators of primary and secondary servers for a given zone. However, in current practice some organizations have scenarios which require them to accept zone data from sources that are not fully trusted (for example: providers of secondary name service). A party who is allowed to feed data into a zone (e.g. by AXFR, IXFR, or Dynamic DNS updates) can overwhelm the server which is accepting data by intentionally or accidentally exhausting that server's memory.

Discovery 2016-07-06
Entry 2016-08-10
Modified 2017-04-24
bind99

<= 9.9.9P2

bind910

<= 9.10.4P2

bind911

<= 9.11.0.b2

bind9-devel

<= 9.12.0.a.2016.11.02

knot
knot1

< 1.6.8

knot2

< 2.3.0

nsd

< 4.1.11

powerdns

< 4.0.1

CVE-2016-6170
CVE-2016-6171
CVE-2016-6172
CVE-2016-6173
https://kb.isc.org/article/AA-01390
http://www.openwall.com/lists/oss-security/2016/07/06/4