Knot DNS

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-6171	Knot Dns Knot DNS	Hig	0.56	8.6	0.02		Feb 9, 2017	Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
CVE-2017-11104	Debian Debian Linux	Med	0.39	5.9	0.02		Jul 8, 2017	Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.

CVE-2016-6171HigFeb 9, 2017
Knot Dns
Knot DNS
risk 0.56cvss 8.6epss 0.02
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
CVE-2017-11104MedJul 8, 2017
Debian
Debian Linux
risk 0.39cvss 5.9epss 0.02
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.