ALT-PU-2022-3173-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2020-17482
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
- https://github.com/PowerDNS/pdns
- https://security.gentoo.org/glsa/202012-18
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
- https://github.com/PowerDNS/pdns
- https://security.gentoo.org/glsa/202012-18
Modified: 2024-11-21
CVE-2020-24696
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature.
Modified: 2024-11-21
CVE-2020-24697
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.
Modified: 2024-11-21
CVE-2020-24698
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.
Modified: 2024-11-21
CVE-2021-36754
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
- http://www.openwall.com/lists/oss-security/2021/07/26/2
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2021-01.html
- http://www.openwall.com/lists/oss-security/2021/07/26/2
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2021-01.html
Modified: 2024-11-21
CVE-2022-27227
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
- http://www.openwall.com/lists/oss-security/2022/03/25/1
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html
- https://docs.powerdns.com/recursor/security-advisories/index.html
- https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/
- http://www.openwall.com/lists/oss-security/2022/03/25/1
- https://doc.powerdns.com/authoritative/security-advisories/index.html
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html
- https://docs.powerdns.com/recursor/security-advisories/index.html
- https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/