Authoritative Security Vulnerabilities and Issues — Authoritative CVE List

Lucene search

PowerdnsAuthoritative

5 matches found

CVE•added 2020/10/02 9:15 a.m.•181 views

CVE-2020-17482

An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

4.3CVSS4.5AI score0.00079EPSS

CVE•added 2020/10/02 9:15 a.m.•129 views

CVE-2020-24698

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.

9.8CVSS9.7AI score0.00033EPSS

CVE•added 2020/01/15 5:15 p.m.•65 views

CVE-2015-5230

The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets.

7.5CVSS7.2AI score0.00177EPSS

CVE•added 2020/10/02 9:15 a.m.•63 views

CVE-2020-24696

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature.

8.1CVSS8.6AI score0.00075EPSS

CVE•added 2020/10/02 9:15 a.m.•62 views

CVE-2020-24697

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.

7.5CVSS7.6AI score0.00129EPSS