Search CVE reports
1 – 10 of 69 results
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other...
1 affected package
pdns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns | — | — | — | Not affected |
An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is:...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 23 of 43
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...
7 affected packages
bind9, isc-dhcp, unbound, pdns-recursor, dnsmasq...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| bind9 | Fixed | Fixed | Fixed | Fixed |
| isc-dhcp | Needs evaluation | Not affected | Not affected | Not affected |
| unbound | Fixed | Fixed | Fixed | Needs evaluation |
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
| dnsmasq | Fixed | Fixed | Fixed | Fixed |
| knot-resolver | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
| bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release |
Some fixes available 23 of 42
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...
7 affected packages
bind9, isc-dhcp, unbound, pdns-recursor, dnsmasq...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| bind9 | Fixed | Fixed | Fixed | Fixed |
| isc-dhcp | Needs evaluation | Not affected | Not affected | Not affected |
| unbound | Fixed | Fixed | Fixed | Needs evaluation |
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
| dnsmasq | Fixed | Fixed | Fixed | Fixed |
| knot-resolver | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
| bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release |
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |