Search for packages
| purl | pkg:deb/debian/pdns@2.9.20-8%2Betch1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1jzb-z2bs-vbeb
Aliases: CVE-2016-7073 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-2m6r-ztcg-gbgu
Aliases: CVE-2016-7068 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-37kj-yg3f-x7g3
Aliases: CVE-2016-5427 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-4c2u-n7p5-nfg4
Aliases: CVE-2018-14626 |
PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service. |
Affected by 5 other vulnerabilities. |
|
VCID-5efj-fcg6-cuc5
Aliases: CVE-2019-10162 |
security update |
Affected by 12 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-6nht-qd1p-qbbz
Aliases: CVE-2008-3337 |
Two vulnerabilities have been discovered in PowerDNS, possibly leading to a Denial of Service and easing cache poisoning attacks. |
Affected by 26 other vulnerabilities. |
|
VCID-8fks-8s21-b7b4
Aliases: CVE-2019-10163 |
security update |
Affected by 12 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-bb3a-3ehq-8bhd
Aliases: CVE-2015-5311 |
PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets. |
Affected by 12 other vulnerabilities. |
|
VCID-ch2d-p2ru-23ex
Aliases: CVE-2018-10851 |
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. |
Affected by 5 other vulnerabilities. |
|
VCID-d13q-prqh-buge
Aliases: CVE-2015-1868 |
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself. |
Affected by 23 other vulnerabilities. |
|
VCID-ez68-8ben-nuef
Aliases: CVE-2020-24696 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. |
Affected by 1 other vulnerability. |
|
VCID-gj88-me79-1qb3
Aliases: CVE-2016-5426 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-j5zf-9dpp-qkh6
Aliases: CVE-2008-5277 |
Two vulnerabilities have been discovered in PowerDNS, possibly leading to a Denial of Service and easing cache poisoning attacks. |
Affected by 26 other vulnerabilities. |
|
VCID-jrb1-cuhc-nqa1
Aliases: CVE-2018-1046 |
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used. |
Affected by 5 other vulnerabilities. |
|
VCID-keaf-6ca3-vkbc
Aliases: CVE-2017-15091 |
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY. |
Affected by 5 other vulnerabilities. |
|
VCID-m7h2-vam9-1yhn
Aliases: CVE-2020-17482 |
An information disclosure vulnerability in PowerDNS allow remote attackers to obtain sensitive information. |
Affected by 1 other vulnerability. |
|
VCID-mnn7-6732-ykdm
Aliases: CVE-2016-7072 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-nwfa-n5f2-abe7
Aliases: CVE-2015-5470 |
security update |
Affected by 24 other vulnerabilities. Affected by 22 other vulnerabilities. |
|
VCID-q6d4-mv53-syhu
Aliases: CVE-2014-7210 |
pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected. |
Affected by 24 other vulnerabilities. |
|
VCID-qbnt-a5xe-2bg6
Aliases: CVE-2020-24697 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature. |
Affected by 1 other vulnerability. |
|
VCID-srnu-wj3x-2qd1
Aliases: CVE-2012-0206 |
A vulnerability in PowerDNS could allow a remote attacker to create a Denial of Service condition. |
Affected by 25 other vulnerabilities. |
|
VCID-tqpr-vezf-4ye4
Aliases: CVE-2015-5230 |
security update |
Affected by 24 other vulnerabilities. Affected by 21 other vulnerabilities. |
|
VCID-w3fn-hwyn-6ba7
Aliases: CVE-2019-10203 |
PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. |
Affected by 1 other vulnerability. |
|
VCID-w9w8-k8h2-b7fc
Aliases: CVE-2019-3871 |
security update |
Affected by 12 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-xmmj-hpq2-kyad
Aliases: CVE-2016-6172 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-xvg6-5zhw-8fdk
Aliases: CVE-2016-2120 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-zcxy-ae2g-3kdy
Aliases: CVE-2020-24698 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature. |
Affected by 1 other vulnerability. |
|
VCID-zdzj-q58r-5uby
Aliases: CVE-2016-7074 |
security update |
Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||