PowerDNS Recursor Denial of Service Vulnerability (CNVD-2018-23738)

PowerDNS Recursor aka pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Recursor versions 4.0.0 through 4.1.4. A remote attacker can exploit this vulnerability by sending DNS queries to cause a denial of service...

[ASA-201811-13] powerdns-recursor: denial of service

Arch Linux Security Advisory ASA-201811-13 ========================================== Severity: Medium Date : 2018-11-12 CVE-ID : CVE-2018-10851 CVE-2018-14626 CVE-2018-14644 Package : powerdns-recursor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-805 Summary...

UBUNTU-CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

DEBIAN-CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

Design/Logic Flaw

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

PowerDNS Recursor (4.0.0–4.1.4) is affected by CVE-2018-14644. A remote attacker sending a DNS query for a meta-type such as OPT can cause a zone to be cached as failing DNSSEC validation when the parent zone is signed and all authoritative servers reply with FORMERR, resulting in ServFail respon...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

CVE-2018-14644

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...

PowerDNS Recursor Crafted Answer DoS Vulnerability (2018-04)

An issue has been found in PowerDNS Recursor allowing a malicious authoritative server to cause a memory leak by sending specially crafted records. The issue is due to the fact that some memory is allocated before the parsing and is not always properly released if the record is malformed...

powerdns-recursor -- Multiple vulnerabilities

powerdns Team reports: CVE-2018-10851: An issue has been found in PowerDNS Recursor allowing a malicious authoritative server to cause a memory leak by sending specially crafted records. The issue is due to the fact that some memory is allocated before the parsing and is not always properly...

PowerDNS Authoritative Server and PowerDNS Recursor Denial of Service Vulnerabilities

PowerDNS Authoritative Server and PowerDNS Recursor are both products of the Dutch company PowerDNS.PowerDNS Authoritative Server is a DNS server.PowerDNS Recursor is a domain name resolution server. A denial of service vulnerability exists in PowerDNS Authoritative Server and PowerDNS Recursor,...

PowerDNS Recursor < 3.5 Ghost Domain Names Attack

The resolver in PowerDNS Recursor aka pdnsrecursor 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a SPDX-FileCopyrightText: 2018...

PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

UBUNTU-CVE-2016-7074

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leadi...

PowerDNS Recursor Denial of Service Vulnerability (CNVD-2018-16310)

PowerDNS Recursor aka pdnsrecursor is a domain name resolution server from the Dutch company PowerDNS. A denial of service vulnerability exists in the resolution of authorization answers in PowerDNS Recursor versions prior to 4.0.8. An attacker can exploit this vulnerability to cause a denial of...

CVE-2017-15120

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service...