Vulnerabilities (CVE)

Filtered by vendor Knot-dns Subscribe
Filtered by product Knot Dns
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11104 2 Debian, Knot-dns 2 Debian Linux, Knot Dns 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.
CVE-2016-6171 1 Knot-dns 1 Knot Dns 2024-11-21 5.0 MEDIUM 8.6 HIGH
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.