Knot Dns

knot-dns

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Knot Dns

knot_dns

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-11104 2Debian Knot Dns 2Debian Linux Knot Dns May 13, 2026 Jul 8, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL res...Show more Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check.Show less
CVE-2016-6171 1Knot Dns 1Knot Dns May 13, 2026 Feb 9, 2017 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2017-11104

2Debian

Knot Dns

2Debian Linux

Knot Dns

May 13, 2026

Jul 8, 2017

N/A· v4

5.9 MEDIUM· v3

4.3 MEDIUM· v2

Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL res...Show more

CVE-2016-6171

1Knot Dns

May 13, 2026

Feb 9, 2017

N/A· v4

8.6 HIGH· v3

5.0 MEDIUM· v2

Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR.