Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2020-10030
HistoryMay 19, 2020 - 4:15 p.m.

Stack overflow

2020-05-1916:15:00
PRIOn knowledge base
www.prio-n.com
17

9.1 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON

An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system’s hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have ‘\0’ termination of the returned string if the hostname is larger than the supplied buffer. (Linux systems are not affected because the buffer is always large enough. OpenBSD systems are not affected because the returned hostname always has ‘\0’ termination.) Under some conditions, this issue can lead to the writing of one ‘\0’ byte out-of-bounds on the stack, causing a denial of service or possibly arbitrary code execution.

CPENameOperatorVersion
recursorge4.1.0
recursorle4.3.0

Related

nvd 1
osv 1
cvelist 1
alpinelinux 1
debiancve 1
cve 1
ubuntucve 1
veracode 1
hackerone 1
nessus 4
openvas 4
suse 1
fedora 2
freebsd 1
nvd
nvd
CVE-2020-10030
2020-05-19 16:15:10
osv
osv
CVE-2020-10030
2020-05-19 16:15:10
cvelist
cvelist
CVE-2020-10030
2020-05-19 15:52:20
alpinelinux
alpinelinux
CVE-2020-10030
2020-05-19 16:15:10
debiancve
debiancve
CVE-2020-10030
2020-05-19 16:15:10
cve
cve
CVE-2020-10030
2020-05-19 16:15:10
ubuntucve
ubuntucve
CVE-2020-10030
2020-05-19 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-08-06 21:39:40
hackerone
hackerone
Open-Xchange: access to stack memory beyond array boundaries
2020-02-14 11:12:57
nessus
nessus
openSUSE Security Update : pdns-recursor (openSUSE-2020-698)
2020-05-26 00:00:00
Fedora 32 : pdns-recursor (2020-d9abb0c06d)
2020-06-17 00:00:00
FreeBSD : powerdns-recursor -- multiple vulnerabilities (f9c5a410-9b4e-11ea-ac3f-6805ca2fa271)
2020-05-28 00:00:00
openvas
openvas
PowerDNS Recursor 4.1.0 < 4.1.16, 4.2.0 < 4.2.2, 4.3.0 Multiple Vulnerabilities
2020-05-20 00:00:00
Fedora: Security Advisory for pdns-recursor (FEDORA-2020-c0ff3df740)
2020-06-23 00:00:00
openSUSE: Security Advisory for pdns-recursor (openSUSE-SU-2020:0698-1)
2020-05-24 00:00:00
suse
suse
Security update for pdns-recursor (moderate)
2020-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: pdns-recursor-4.2.2-1.fc31
2020-06-14 17:12:05
[SECURITY] Fedora 32 Update: pdns-recursor-4.3.1-1.fc32
2020-06-14 17:03:48
freebsd
freebsd
powerdns-recursor -- multiple vulnerabilities
2020-05-19 00:00:00

9.1 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.2%

JSON
Related for PRION:CVE-2020-10030
nvd1osv1cvelist1alpinelinux1debiancve1cve1ubuntucve1veracode1hackerone1nessus4openvas4suse1fedora2freebsd1