VYPR

Authoritative

by PowerDNS

Source repositories

CVEs (32)

  • CVE-2020-24696Oct 2, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG…

  • CVE-2020-17482Oct 2, 2020
    risk 0.00cvss epss 0.03

    An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

  • CVE-2015-5230Jan 15, 2020
    risk 0.00cvss epss 0.09

    The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets.

  • CVE-2019-10203Nov 22, 2019
    risk 0.00cvss epss 0.02

    PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.

  • CVE-2019-10163Jul 30, 2019
    risk 0.00cvss epss 0.01

    A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only…

  • CVE-2019-10162Jul 30, 2019
    risk 0.00cvss epss 0.02

    A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative…

  • CVE-2019-3871Mar 21, 2019
    risk 0.00cvss epss 0.13

    A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial…

  • CVE-2018-14626Nov 29, 2018
    risk 0.00cvss epss 0.03

    PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.

  • CVE-2018-10851Nov 29, 2018
    risk 0.00cvss epss 0.06

    PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.

  • CVE-2016-2120Nov 1, 2018
    risk 0.00cvss epss 0.02

    An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to…

  • CVE-2012-0206Feb 17, 2012
    risk 0.00cvss epss 0.05

    common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

  • CVE-2008-3337Aug 8, 2008
    risk 0.00cvss epss 0.06

    PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.

Page 2 of 2