CVE-2018-1046
published 2018-07-16CVE-2018-1046: pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns | < pdns 4.1.2-1 (bookworm) | pdns 4.1.2-1 (bookworm) |
| open-xchange | pdns | >= 0 < 4.1.2-1 | 4.1.2-1 |
| open-xchange | pdns | >= 0 < 4.1.2-1 | 4.1.2-1 |
| open-xchange | pdns | >= 0 < 4.1.2-1 | 4.1.2-1 |
| open-xchange | pdns | >= 0 < 4.1.2-1 | 4.1.2-1 |
| open-xchange | pdns | >= 0 < 4.0.0~alpha2-3ubuntu0.1~esm1 | 4.0.0~alpha2-3ubuntu0.1~esm1 |
| open-xchange | pdns | >= 0 < 4.1.1-1ubuntu0.1~esm1 | 4.1.1-1ubuntu0.1~esm1 |
| open-xchange | pdns | >= 0 < 4.2.1-1ubuntu0.1~esm1 | 4.2.1-1ubuntu0.1~esm1 |
| open-xchange | pdns | >= 0 < 4.5.3-1ubuntu0.1~esm1 | 4.5.3-1ubuntu0.1~esm1 |
| powerdns | pdns | < 4.1.2 | 4.1.2 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv7.8HIGH