VDB

GCVE-VVD-MAGEIA-2019-122

GCVE-VVD-MAGEIA-2019-122
Advisory Published
Vulnetix · Advisory published September 8, 2019
Updated pdns packages fix security vulnerability: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers (CVE-2019-3871).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaclaws-mail0 (affected), 3.17.4-1.mga7 (unaffected)
Mageiapdns0 (affected), 4.1.7-1.mga6 (unaffected), 0 (affected), 4.1.7-1.mga6 (unaffected)

Aliases

CVE-2019-3871

Transitive aliases

VVD-GENTOO-2019-680900BDU:2019-01943GHSA-mg3r-wf83-7hqhEUVD-2019-13484

References

Updated pdns packages fix security vulnerability
advisory
Updated pdns packages fix security vulnerability
issue
Updated pdns packages fix security vulnerability
issue
Updated claws-mail packages updates to stable release
advisory
Updated claws-mail packages updates to stable release
issue
Updated claws-mail packages updates to stable release
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›