Search for packages
| purl | pkg:deb/debian/pdns@4.4.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7dc3-qdk8-k7b2
Aliases: CVE-2022-27227 |
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-ez68-8ben-nuef | An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. |
CVE-2020-24696
|
| VCID-m7h2-vam9-1yhn | An information disclosure vulnerability in PowerDNS allow remote attackers to obtain sensitive information. |
CVE-2020-17482
|
| VCID-qbnt-a5xe-2bg6 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature. |
CVE-2020-24697
|
| VCID-w3fn-hwyn-6ba7 | PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. |
CVE-2019-10203
|
| VCID-zcxy-ae2g-3kdy | An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature. |
CVE-2020-24698
|