PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
Max CVSS
4.3
EPSS Score
0.56%
Published
2008-12-09
Updated
2017-08-08
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.
Max CVSS
2.1
EPSS Score
0.05%
Published
2005-07-19
Updated
2016-10-18
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Max CVSS
5.0
EPSS Score
1.69%
Published
2005-07-19
Updated
2016-10-18
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
Max CVSS
5.0
EPSS Score
1.05%
Published
2005-12-31
Updated
2008-09-05
4 vulnerabilities found