Open-Xchange Pdns vulnerabilities

CVE-2016-6172 [MEDIUM] CVE-2016-6172: PowerDNS (aka pdns) Authoritative Server before 4 PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.

CVE-2016-5426 [HIGH] CVE-2016-5426: PowerDNS (aka pdns) Authoritative Server before 3 PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname.

CVE-2016-5427 [HIGH] CVE-2016-5427: PowerDNS (aka pdns) Authoritative Server before 3 PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.

CVE-2015-5311 [MEDIUM] CVE-2015-5311: PowerDNS (aka pdns) Authoritative Server 3 PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets.

CVE-2015-5470 [HIGH] CVE-2015-5470: The label decompression functionality in PowerDNS Recursor before 3 The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1868.

CVE-2015-1868 [HIGH] CVE-2015-1868: The label decompression functionality in PowerDNS Recursor 3 The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.

CVE-2012-0206 [MEDIUM] CVE-2012-0206: common_startup common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

CVE-2008-5277 [MEDIUM] CVE-2008-5277: PowerDNS before 2 PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.

CVE-2008-3337 [MEDIUM] CVE-2008-3337: PowerDNS Authoritative Server before 2 PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.

CVE-2006-4251 [HIGH] CVE-2006-4251: Buffer overflow in PowerDNS Recursor 3 Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.

CVE-2005-0038 [MEDIUM] CVE-2005-0038: The DNS implementation of PowerDNS 2 The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.

CVE-2005-2301 [MEDIUM] CVE-2005-2301: PowerDNS before 2 PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.

CVE-2005-2302 [LOW] CVE-2005-2302: PowerDNS before 2 PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.

CVE-2005-0428 [MEDIUM] CVE-2005-0428: The DNSPacket::expand method in dnspacket The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.