) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:powerdns:authoritative:4.2.0:rc1:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-24698 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature. Published: October 02, 2020; 5:15:13 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 6.8 MEDIUM |
| CVE-2020-24697 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature. Published: October 02, 2020; 5:15:13 AM -0400 |
V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
| CVE-2020-24696 |
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. Published: October 02, 2020; 5:15:13 AM -0400 |
V3.1: 8.1 HIGH V2.0: 5.1 MEDIUM |
| CVE-2020-17482 |
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Published: October 02, 2020; 5:15:13 AM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |