powerdns

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Authoritative DNS server
Version 4.9.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2655 4.6.0-1 4.6.1-1 Low Fixed
AVG-2222 4.5.0-1 4.5.1-1 Medium Fixed
AVG-927 4.1.6-2 4.1.7-1 High Fixed
AVG-804 4.1.4-4 4.1.5-1 Medium Fixed
AVG-686 4.1.1-2 4.1.2-1 High Fixed
AVG-519 4.0.4-4 4.0.5-1 Low Fixed
AVG-147 4.0.1-7 4.0.2-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2022-27227 AVG-2655 Low Yes Denial of service 
A denial of service issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor before 4.6.1. IXFR usually exchanges only the modifications...
CVE-2021-36754 AVG-2222 Medium Yes Denial of service 
PowerDNS Authoritative Server 4.5.0 will crash with an uncaught out of bounds exception if it receives a query with QTYPE 65535. The offending code was not...
CVE-2019-3871 AVG-927 High Yes Insufficient validation 
An issue has been found in PowerDNS Authoritative Server before 4.1.7, when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a...
CVE-2018-14626 AVG-804 Medium Yes Denial of service 
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5, allowing a remote user to craft a DNS query that...
CVE-2018-10851 AVG-804 Medium Yes Denial of service 
An issue has been found in PowerDNS Authoritative Server before 4.1.5 and PowerDNS Recursor before 4.1.5. The issue is due to the fact that some memory is...
CVE-2018-1046 AVG-686 High No Arbitrary code execution 
An issue has been found in the dnsreplay tool provided with PowerDNS Authoritative, where replaying a specially crafted PCAP file can trigger a stack based...
CVE-2017-15091 AVG-519 Low Yes Access restriction bypass 
An issue has been found in the API component of PowerDNS Authoritative < 4.0.5, where some operations that have an impact on the state of the server are...
CVE-2016-7074 AVG-147 Medium Yes Insufficient validation 
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7073 AVG-147 Medium Yes Insufficient validation 
An issue has been found in PowerDNS Authoritative Server and PowerDNS Recursor allowing an attacker in position of man-in-the-middle to alter the content of...
CVE-2016-7072 AVG-147 Medium Yes Denial of service 
An issue has been found in PowerDNS Authoritative Server allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number...
CVE-2016-7068 AVG-147 Medium Yes Denial of service 
An issue has been found in PowerDNS allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending...
CVE-2016-2120 AVG-147 Medium Yes Denial of service 
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to crash the server by inserting a specially crafted record in a zone...

Advisories

Date Advisory Group Severity Type
27 Jul 2021 ASA-202107-73 AVG-2222 Medium denial of service
22 Mar 2019 ASA-201903-13 AVG-927 High insufficient validation
12 Nov 2018 ASA-201811-12 AVG-804 Medium denial of service
09 May 2018 ASA-201805-1 AVG-686 High arbitrary code execution
27 Nov 2017 ASA-201711-30 AVG-519 Low access restriction bypass
19 Jan 2017 ASA-201701-29 AVG-147 Medium multiple issues