6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.5%
The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a “dangling pointer bug.”
CPE | Name | Operator | Version |
---|---|---|---|
pdnsd | eq | 1.1.8b1-par5 | |
pdnsd | eq | 1.2.0-par | |
pdnsd | eq | 1.2.4-par | |
pdnsd | eq | 1.2.5-par | |
pdnsd | eq | 1.2.1-par | |
pdnsd | eq | 1.1.797 | |
pdnsd | eq | 1.1.9-par | |
pdnsd | eq | 1.1.11-par | |
pdnsd | eq | 1.1.8b1-par8 | |
pdnsd | eq | 1.1.8b1-par7 |