231 matches found
USN-8474-1: NSD vulnerabilities
It was discovered that NSD incorrectly handled APL resource records with an address length larger than permitted for the address family. A remote attacker could use this to cause a stack-based buffer overflow when the zone is written to disk, potentially executing arbitrary code with the privileg...
CVE-2026-40209 Denial of service via IXFR queries
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
CVE-2026-40209
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
EUVD-2026-39348
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
EUVD-2026-39182
If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...
CVE-2026-12244
If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...
CVE-2026-12490
When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...
Fedora 44 : bind9-next (2026-dbb0776ac5)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dbb0776ac5 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...
CVE-2026-42000
A flaw was found in pdns. This vulnerability, stemming from insufficient validation of names during an Asynchronous Zone Transfer AXFR, allows a remote attacker to compromise the integrity of DNS data. By sending specially crafted requests, an attacker could potentially poison DNS caches or make...
SUSE CVE-2026-42000
Insufficient Validation of Names During AXFR...
SUSE CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42000
Insufficient Validation of Names During AXFR...
EUVD-2026-31261
Insufficient Validation of Names During AXFR...
CVE-2026-42000
Insufficient Validation of Names During AXFR...
CVE-2026-42000
CVE-2026-42000 affects PowerDNS Authoritative server. The issue is "Insufficient Validation of Names During AXFR" in the AXFR process, caused by inadequate validation of transfer names, which is reported to enable a command-injection path per some sources and could contribute to denial of service...
CVE-2026-42396
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
EUVD-2026-31265
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...
CVE-2026-42396 Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail...