Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns recursor 4.1.0 vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv3
CVE-2018-1000003
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
Powerdns Recursor 4.1.0
7.5
CVSSv3
CVE-2018-14626
PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.
Powerdns Authoritative
Powerdns Recursor
7.5
CVSSv3
CVE-2018-16855
An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
Powerdns Recursor
8.8
CVSSv3
CVE-2020-10030
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems wh...
Powerdns Recursor
7.5
CVSSv3
CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack u...
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
7.5
CVSSv3
CVE-2020-12244
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started