Search CVE reports
11 – 20 of 88 results
By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
3 affected packages
dnsdist, pdns, pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dnsdist | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crafted zones can lead to increased incoming network traffic.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crafted delegations or IP fragments can poison cached delegations in Recursor.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crafted delegations or IP fragments can poison cached delegations in Recursor.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled...
1 affected package
pdns-recursor
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |