GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Mon Jan 30, 2006 10:26 pm Post subject: [ GLSA 200601-16 ] MyDNS: Denial of Service |
 |
|
Gentoo Linux Security Advisory
Title: MyDNS: Denial of Service (GLSA 200601-16)
Severity: normal
Exploitable: remote
Date: January 30, 2006
Bug(s): #119548
ID: 200601-16
Synopsis
MyDNS contains a vulnerability that may lead to a Denial of Service attack.
Background
MyDNS is a DNS server using a MySQL database as a backend. It is designed to allow for fast updates and small resource usage.
Affected Packages
Package: net-dns/mydns
Vulnerable: < 1.1.0
Unaffected: >= 1.1.0
Architectures: All supported architectures
Description
MyDNS contains an unspecified flaw that may allow a remote Denial of Service.
Impact
An attacker could cause a Denial of Service by sending malformed DNS queries to the MyDNS server.
Workaround
There is no known workaround at this time.
Resolution
All MyDNS users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/mydns-1.1.0" |
References
CVE-2006-0351
Last edited by GLSA on Sun Jul 30, 2006 4:18 am; edited 3 times in total |
|
News & Announcements
