Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2020/10/02 12:0 a.m.6 views

PT-2020-15810 · Powerdns +1 · Powerdns Authoritative +2

Name of the Vulnerable Software and Affected Versions: PowerDNS Authoritative versions prior to 4.3.0 Description: A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature when th...

9.8CVSS6.6AI score0.64857EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2018/09/12 12:0 a.m.22 views

PowerDNS Security Advisory 2016-04: Insufficient validation of TSIG signatures

Two issues have been found in PowerDNS Authoritative Server allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a...

5.9CVSS6.7AI score0.01233EPSS
Exploits0References1
CVE
CVE
added 2018/09/11 1:0 p.m.125 views

CVE-2016-7074

CVE-2016-7074 affects PowerDNS (authoritative server and recursor): insufficient TSIG validation allows MITM to alter AXFR content due to missing check that the TSIG record is last, enabling parsing of records outside the TSIG scope. Affected: PowerDNS versions before 3.4.11/4.0.2 and recursor be...

5.9CVSS6.2AI score0.01222EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/01/19 12:0 a.m.57 views

FreeBSD : powerdns -- multiple vulnerabilities (e3200958-dd6c-11e6-ae1b-002590263bf5)

PowerDNS reports : 2016-02: Crafted queries can cause abnormal CPU usage 2016-03: Denial of service via the web server 2016-04: Insufficient validation of TSIG signatures 2016-05: Crafted zone record can cause a denial of service %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

7.8CVSS6.5AI score0.07294EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2017/01/13 12:0 a.m.35 views

Debian Security Advisory DSA 3764-1 (pdns - security update)

Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-2120 Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advanta...

0.5AI score0.07294EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/12/15 12:0 a.m.37 views

powerdns -- multiple vulnerabilities

PowerDNS reports: 2016-02: Crafted queries can cause abnormal CPU usage 2016-03: Denial of service via the web server 2016-04: Insufficient validation of TSIG signatures 2016-05: Crafted zone record can cause a denial of service...

7.8CVSS2.9AI score0.07294EPSS
Exploits0References6
Rows per page
Query Builder