VYPR

PowerDNS Authoritative Server

by PowerDNS

Source repositories

CVEs (5)

  • CVE-2016-5427HigSep 21, 2016
    risk 0.54cvss 7.5epss 0.63

    PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.

  • CVE-2016-5426HigSep 21, 2016
    risk 0.51cvss 7.5epss 0.31

    PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.

  • CVE-2016-6172MedSep 26, 2016
    risk 0.45cvss 6.8epss 0.04

    PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.

  • CVE-2016-7072MedSep 10, 2018
    risk 0.28cvss 5.3epss 0.06

    An issue has been found in PowerDNS Authoritative Server before 3.4.11 and 4.0.2 allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number of TCP connections to the web server. If the web server runs out of file descriptors, it triggers…

  • CVE-2008-3337Aug 8, 2008
    risk 0.00cvss epss 0.06

    PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.