Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2019/06/25 12:0 a.m.2 views

PowerDNS Authoritative Server Denial of Service Vulnerability

PowerDNS Authoritative Server is a DNS server from the Dutch company PowerDNS. A security vulnerability exists in PowerDNS Authoritative Server version 4.1.8 and earlier. An attacker can exploit this vulnerability by sending a large number of NOTIFY packets to cause a denial of service...

4.3CVSS8.6AI score0.01003EPSS
Exploits0References1
OpenVAS
OpenVASadded 2019/06/25 12:0 a.m.77 views

PowerDNS Authoritative Server NOTIFY Packets DoS Vulnerability (2019-05)

PowerDNS Authoritative Server is prone to a denial of service DoS via NOTIFY packets. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS4.7AI score0.01003EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2019/06/24 12:0 a.m.31 views

Debian DSA-4470-1 : pdns - security update

Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

7.5CVSS5.6AI score0.01691EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2019/01/16 8:0 p.m.28 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.3AI score0.054EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2017/07/10 12:0 a.m.28 views

Debian DSA-3904-1 : bind9 - security update

Clement Berthaux from Synaktiv discovered two vulnerabilities in BIND, a DNS server implementation. They allow an attacker to bypass TSIG authentication by sending crafted DNS packets to a server. - CVE-2017-3142 An attacker who is able to send and receive messages to an authoritative DNS server...

7.5CVSS6.4AI score0.18299EPSS
Exploits1References8
UbuntuCve
UbuntuCveadded 2017/06/29 12:0 a.m.24 views

CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.7AI score0.054EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2007/05/10 12:0 a.m.30 views

GLSA-200705-09 : IPsec-Tools: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200705-09 IPsec-Tools: Denial of Service The isakmpinforecv function in src/racoon/isakmpinf.c does not always check that DELETE ISAKMPNPTYPED and NOTIFY ISAKMPNPTYPEN packets are encrypted. Impact : A remote attacker could send a...

4.3CVSS5.5AI score0.02851EPSS
Exploits0References2
Rows per page
Query Builder