← Back

Knot Dns

knot_dns

Vendor: Knot Dns • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-11104
2Debian
Knot Dns
2Debian Linux
Knot Dns
May 13, 2026
Jul 8, 2017
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL res...Show more
Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.Show less
CVE-2016-6171
1Knot Dns
1Knot Dns
May 13, 2026
Feb 9, 2017
N/A· v4
8.6 HIGH· v3
5.0 MEDIUM· v2
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.