The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
Max CVSS
5.0
EPSS Score
1.05%
Published
2005-12-31
Updated
2008-09-05
The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.
Max CVSS
5.0
EPSS Score
1.03%
Published
2005-05-02
Updated
2017-07-11
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Max CVSS
5.0
EPSS Score
1.69%
Published
2005-07-19
Updated
2016-10-18
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.
Max CVSS
2.1
EPSS Score
0.05%
Published
2005-07-19
Updated
2016-10-18
The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.
Max CVSS
5.0
EPSS Score
5.00%
Published
2006-04-27
Updated
2017-07-20
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
Max CVSS
6.4
EPSS Score
0.67%
Published
2008-08-08
Updated
2017-08-08
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
Max CVSS
4.3
EPSS Score
0.52%
Published
2008-12-09
Updated
2017-08-08
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!