Joined: 12 May 2004
|Posted: Mon Jan 30, 2006 10:26 pm Post subject: [ GLSA 200601-16 ] MyDNS: Denial of Service
|Gentoo Linux Security Advisory
Title: MyDNS: Denial of Service (GLSA 200601-16)
Date: January 30, 2006
MyDNS contains a vulnerability that may lead to a Denial of Service attack.
MyDNS is a DNS server using a MySQL database as a backend. It is designed to allow for fast updates and small resource usage.
Vulnerable: < 1.1.0
Unaffected: >= 1.1.0
Architectures: All supported architectures
MyDNS contains an unspecified flaw that may allow a remote Denial of Service.
An attacker could cause a Denial of Service by sending malformed DNS queries to the MyDNS server.
There is no known workaround at this time.
All MyDNS users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/mydns-1.1.0"
Last edited by GLSA on Sun Jul 30, 2006 4:18 am; edited 3 times in total