Powerdns: >> Powerdns Security Vulnerabilities
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
CVSS Score
4.3
EPSS Score
0.0
Published
2008-12-09
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
CVSS Score
6.4
EPSS Score
0.0
Published
2008-08-08
The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.
CVSS Score
5.0
EPSS Score
0.0
Published
2006-04-27
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
CVSS Score
5.0
EPSS Score
0.001
Published
2005-12-31
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
CVSS Score
5.0
EPSS Score
0.001
Published
2005-07-19
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.
CVSS Score
2.1
EPSS Score
0.0
Published
2005-07-19
The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.
CVSS Score
5.0
EPSS Score
0.0
Published
2005-05-02