Search CVE reports


Toggle filters

41 – 50 of 52 results


CVE-2019-13952

Low priority
Vulnerable

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

1 affected package

gdnsd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gdnsd Not affected Not affected Not in release Vulnerable Vulnerable
Show less packages

CVE-2019-13951

Low priority
Not affected

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.

1 affected package

gdnsd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gdnsd Not affected
Show less packages

CVE-2019-13207

Medium priority
Vulnerable

nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.

1 affected package

nsd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nsd Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2018-14663

Medium priority
Vulnerable

An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet,...

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-7069

Medium priority
Ignored

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT...

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-7560

Low priority
Ignored

It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.

1 affected package

rhnsd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rhnsd Not in release
Show less packages

CVE-2017-7557

Medium priority
Ignored

dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack.

1 affected package

dnsdist

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
dnsdist Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2016-6173

Negligible priority
Ignored

NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.

1 affected package

nsd

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nsd Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2012-2978

Low priority
Ignored

query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.

2 affected packages

nsd, nsd3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nsd
nsd3
Show less packages

CVE-2009-1755

Medium priority

Some fixes available 1 of 8

Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary...

2 affected packages

nsd, nsd3

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nsd
nsd3
Show less packages