3 matches found
SUSE CVE-2020-24698
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature...
PowerDNS Authoritative Server Multiple Vulnerabilities (2020-06)
PowerDNS Authoritative Server is prone to multiple vulnerabilities in the GSS-TSIG support. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
CVE-2020-24698
CVE-2020-24698 affects PowerDNS Authoritative Server up to version 4.3.0. An attacker can send crafted queries with a GSS-TSIG signature to a remote, unauthenticated endpoint, potentially triggering a double-free that leads to a crash or possibly arbitrary code execution. This is tied to the GSS-...