CVE-2016-2120
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overflow when checking if the content of the record matches the expected size, allowing an attacker to cause a read past the buffer boundary.
| Software | From | Fixed in |
|---|---|---|
| powerdns / authoritative | - | 3.4.10.x |
| powerdns / authoritative | 4.0.0 | 4.0.1.x |
| debian / debian_linux | 8.0 | 8.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime