CVE-2018-1046 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Arbitrary code execution
Description	An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the --ecs-stamp option of dnsreplay is used. Regardless of this issue, the use of dnsreplay with untrusted PCAP files is not advised.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-686	powerdns	4.1.1-2	4.1.2-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
09 May 2018	ASA-201805-1	AVG-686	powerdns	High	arbitrary code execution

References
https://marc.info/?l=oss-security&m=152585376901543 https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8 https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html

References

https://marc.info/?l=oss-security&m=152585376901543
https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html