CPE Details
PowerDNS Authoritative 3.6.4
3.6.4
2018-09-17
13h32 +00:00
13h32 +00:00
2018-09-17
13h32 +00:00
13h32 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:powerdns:authoritative:3.6.4:*:*:*:*:*:*:*
Informations
Vendor
powerdnsProduct
authoritativeVersion
3.6.4Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature. | 9.8 |
Critique |
||
| An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature. | 7.5 |
Haute |
||
| An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. | 8.1 |
Haute |
||
| An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. | 4.3 |
Moyen |
||
| PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | 7.5 |
Haute |
2025©
tesweb SA
