Количество 9
Количество 9
BDU:2025-11255
Уязвимость функции setMaxTCPQueriesPerConnection() программного обеспечения PowerDNS DNSdist, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20250904-05
Уязвимость dnsdist
CVE-2025-30193
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.
CVE-2025-30193
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.
CVE-2025-30193
In some circumstances, when DNSdist is configured to allow an unlimite ...
SUSE-SU-2025:01792-1
Security update for dnsdist
SUSE-SU-2025:01745-1
Security update for dnsdist
GHSA-4q3h-v92p-gchj
In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.
SUSE-SU-2025:01743-1
Security update for dnsdist
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-11255 Уязвимость функции setMaxTCPQueriesPerConnection() программного обеспечения PowerDNS DNSdist, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | ROS-20250904-05 Уязвимость dnsdist | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-30193 In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | CVE-2025-30193 In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| CVE-2025-30193 In some circumstances, when DNSdist is configured to allow an unlimite ... | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
 | SUSE-SU-2025:01792-1 Security update for dnsdist | 0% Низкий | 8 месяцев назад | |
| SUSE-SU-2025:01745-1 Security update for dnsdist | 0% Низкий | 8 месяцев назад | |
| GHSA-4q3h-v92p-gchj In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention. | CVSS3: 7.5 | 0% Низкий | 8 месяцев назад |
| SUSE-SU-2025:01743-1 Security update for dnsdist | 8 месяцев назад |
Уязвимостей на страницу