Knot-Dns: Security Vulnerabilities
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.
CVSS Score
5.9
EPSS Score
0.026
Published
2017-07-08
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.
CVSS Score
8.6
EPSS Score
0.012
Published
2017-02-09