4 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 42EXPL: 0

PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query. PowerDNS y versiones anteriores a 2.9.21.2 permite a los atacantes remotos causar una denegación de servicios (caída del daemon) a través de una petición CH HINFO. • http://doc.powerdns.com/powerdns-advisory-2008-03.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html http://secunia.com/advisories/32979 http://secunia.com/advisories/33264 http://security.gentoo.org/glsa/glsa-200812-19.xml http://securitytracker.com/id?1021304 http://www.securityfocus.com/bid/32627 https://exchange.xforce.ibmcloud.com/vulnerabilities/47076 • CWE-16: Configuration •

CVSS: 5.0EPSS: 1%CPEs: 18EXPL: 0

The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. • http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en http://www.osvdb.org/25291 http://www.securityfocus.com/bid/13729 •

CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 0

PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion. PowerDNS anterior a la 2.9.18, cuando permite recursión en un rango restringido de direcciones IP, no maneja adecuadamente peticiones de clientes a los que se les deniega la recursión. Esto podría causar un "bank out" de respuestas a aquellos clientes que sí les es permitido usar recursión. • http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18 http://marc.info/?l=bugtraq&m=112155941310297&w=2 http://securitytracker.com/id?1014504 http://www.novell.com/linux/security/advisories/2005_19_sr.html •

CVSS: 5.0EPSS: 1%CPEs: 17EXPL: 0

PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack. PowerDNS anterior a la 2.9.18, cuando se ejecuta en LDAP, no escapa adecuadamente las peticiones LDAP, lo que permite que atacantes remotos causen una denegación de servicio. • http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18 http://marc.info/?l=bugtraq&m=112155941310297&w=2 http://securitytracker.com/id?1014504 http://www.novell.com/linux/security/advisories/2005_19_sr.html http://www.securityfocus.com/bid/14290 •