Vulnerabilities in PowerDNS Authoritative Server
Authoritative DNS server updates PowerDNS Authoritative Server 4.3.1, 4.2.3 and 4.1.14 are available, which fix four vulnerabilities, two of which could potentially lead to remote code execution by an attacker. Vulnerabilities CVE-2020-24696, CVE-2020-24697 and CVE-2020-24698 affect code that implements the GSS-TSIG key exchange mechanism. The vulnerabilities only appear when building PowerDNS with GSS-TSIG support (“—enable-experimental-gss-tsig”, not used by default) […]