powerdns

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Authoritative DNS server
Version 4.1.5-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-804 4.1.4-4 4.1.5-1 Medium Fixed
AVG-686 4.1.1-2 4.1.2-1 High Fixed
AVG-519 4.0.4-4 4.0.5-1 Low Fixed
AVG-147 4.0.1-7 4.0.2-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2018-14626 AVG-804 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5, allowing a remote user to craft a DNS query that...
CVE-2018-10851 AVG-804 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5. The issue is due to the fact that some memory is...
CVE-2018-1046 AVG-686 High No Arbitrary code execution
An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack based...
CVE-2017-15091 AVG-519 Low Yes Access restriction bypass
An issue has been found in the API component of PowerDNS Authoritative < 4.0.5, where some operations that have an impact on the state of the server are...
CVE-2016-7074 AVG-147 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7073 AVG-147 Medium Yes Insufficient validation
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7072 AVG-147 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number...
CVE-2016-7068 AVG-147 Medium Yes Denial of service
An issue has been found in PowerDNS allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending...
CVE-2016-2120 AVG-147 Medium Yes Denial of service
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to crash the server by inserting a specially crafted record in a zone...

Advisories

Date Advisory Group Severity Description
12 Nov 2018 ASA-201811-12 AVG-804 Medium denial of service
09 May 2018 ASA-201805-1 AVG-686 High arbitrary code execution
27 Nov 2017 ASA-201711-30 AVG-519 Low access restriction bypass
19 Jan 2017 ASA-201701-29 AVG-147 Medium multiple issues