vulnerability
SUSE: CVE-2018-1046: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | May 24, 2018 | May 24, 2018 | Oct 22, 2021 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
May 24, 2018
Added
May 24, 2018
Modified
Oct 22, 2021
Description
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.
Solutions
suse-upgrade-pdnssuse-upgrade-pdns-backend-geoipsuse-upgrade-pdns-backend-godbcsuse-upgrade-pdns-backend-ldapsuse-upgrade-pdns-backend-luasuse-upgrade-pdns-backend-mydnssuse-upgrade-pdns-backend-mysqlsuse-upgrade-pdns-backend-postgresqlsuse-upgrade-pdns-backend-remotesuse-upgrade-pdns-backend-sqlite3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.