Vulnerabilities > Knot DNS

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-08	CVE-2017-11104	Improper Input Validation vulnerability in multiple products Knot DNS before 2.4.5 and 2.5.x before 2.5.2 contains a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check. network high complexity knot-dns debian CWE-20	5.9
2017-02-09	CVE-2016-6171	Resource Exhaustion vulnerability in Knot-Dns Knot DNS 2.1.1/2.2.0/2.2.1 Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR. network low complexity knot-dns CWE-400	8.6

Vulnerabilities > Knot DNS {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Knot DNS"}]}