CVE-2016-6172
published 2016-09-26CVE-2016-6172: PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS…
medium6.8CVSS 3.0
AVNACHPRNUINSCCNINAH
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns | < pdns 4.0.1-1 (bookworm) | pdns 4.0.1-1 (bookworm) |
| open-xchange | pdns | >= 0 < 4.0.1-1 | 4.0.1-1 |
| open-xchange | pdns | >= 0 < 4.0.1-1 | 4.0.1-1 |
| open-xchange | pdns | >= 0 < 4.0.1-1 | 4.0.1-1 |
| open-xchange | pdns | >= 0 < 4.0.1-1 | 4.0.1-1 |
| opensuse | leap | — | — |
| opensuse | opensuse | — | — |
| powerdns | authoritative_server | <= 4.0.0 | — |
CVSS provenance
nvdv3.06.8MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
osv6.8MEDIUM