Buffer Overflow Vulnerability in PowerDNS Authoritative Tool
CVE-2018-1046

7HIGH

Key Information:

Vendor: [unknown]
Status: Pdns
Vendor: CVE Published:; 16 July 2018

What is CVE-2018-1046?

A buffer overflow vulnerability exists in the dnsreplay tool of PowerDNS Authoritative prior to version 4.1.2. When using the -ecs-stamp option with dnsreplay, a specially crafted PCAP file can exploit this vulnerability. This exploitation can lead to a stack-based buffer overflow, resulting in a crash of the application. In certain scenarios, this can permit arbitrary code execution, posing significant risks to system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pdns pdns 4.1.2

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1046

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 16, 2018
Vulnerability Reserved
Dec 4, 2017

JSON

[unknown]

What is CVE-2018-1046?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.