Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powerdns authoritative server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-7072
An issue has been found in PowerDNS Authoritative Server prior to 3.4.11 and 4.0.2 allowing a remote, unauthenticated malicious user to cause a denial of service by opening a large number of TCP connections to the web server. If the web server runs out of file descriptors, it tri...
Powerdns Authoritative
Debian Debian Linux 8.0
4
CVSSv2
CVE-2016-2120
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to ...
Powerdns Authoritative
Debian Debian Linux 8.0
5
CVSSv2
CVE-2015-5230
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x prior to 3.4.6 allows remote malicious users to cause a denial of service (crash) via crafted query packets.
Powerdns Authoritative
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2014-8601
PowerDNS Recursor prior to 3.6.2 does not limit delegation chaining, which allows remote malicious users to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.
Debian Debian Linux 7.0
Powerdns Recursor
5
CVSSv2
CVE-2017-15120
An issue has been found in the parsing of authoritative answers in PowerDNS Recursor prior to 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a den...
Powerdns Recursor
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
5
CVSSv2
CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack u...
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
5
CVSSv2
CVE-2020-12244
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an malicious user to bypass DNSSEC validation.
Powerdns Recursor
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3