VYPR

Recursor

by PowerDNS

CVEs (47)

  • CVE-2018-10851Nov 29, 2018
    risk 0.00cvss epss 0.06

    PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.

  • CVE-2018-14644Nov 9, 2018
    risk 0.00cvss epss 0.05

    An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the…

  • CVE-2014-3614Sep 19, 2014
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

  • CVE-2012-1193Feb 17, 2012
    risk 0.00cvss epss 0.06

    The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost…

  • CVE-2008-3217Jul 18, 2008
    risk 0.00cvss epss 0.02

    PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements…

  • CVE-2008-1637Apr 2, 2008
    risk 0.00cvss epss 0.04

    PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random functions in external…

  • CVE-2006-4252Nov 14, 2006
    risk 0.00cvss epss 0.06

    PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop.

Page 3 of 3