CVE-2016-5427

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-5427
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5427.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-5427
Downstream
Related
Published
2016-09-21T14:25:15Z
Modified
2025-10-21T03:49:30.254044Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query.

References

Affected packages

Git / github.com/powerdns/pdns

Affected ranges

Type
GIT
Repo
https://github.com/powerdns/pdns
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
881b5b03a590198d03008e4200dd00cc537712f3

Affected versions

auth-3.*

auth-3.1-rc1
auth-3.1-rc2
auth-3.1-rc3
auth-3.2-rc1
auth-3.2-rc2
auth-3.2-rc3
auth-3.2-rc4
auth-3.3
auth-3.3-rc1
auth-3.3-rc2
auth-3.4.0
auth-3.4.0-rc1
auth-3.4.0-rc2
auth-3.4.1
auth-3.4.2
auth-3.4.3
auth-3.4.4
auth-3.4.5
auth-3.4.6
auth-3.4.7
auth-3.4.8
auth-3.4.9

Other

rec-3-0
rec-3-0-1

rec-3.*

rec-3.0
rec-3.0.1
rec-3.1.4
rec-3.3.1
rec-3.5
rec-3.5-rc1
rec-3.5-rc3
rec-3.5-rc4
rec-3.5-rc5
rec-3.6.0
rec-3.6.0-rc1

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "335073009223727141442546823773627607245",
                "3325063803919662370807815705681621301",
                "65566741844457745540789393961208334976",
                "214802017751245620480022513796026227278"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2016-5427-20984c56",
        "target": {
            "file": "pdns/dnsparser.hh"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 328.0,
            "function_hash": "272098364120668738828264363336242645641"
        },
        "signature_type": "Function",
        "id": "CVE-2016-5427-2d379901",
        "target": {
            "file": "pdns/misc.cc",
            "function": "chopOff"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "323778131826227137046733885077490639136",
                "240445538914645076535977674075035909806",
                "283520274824191313494879770423235872527",
                "53325220884174924959903238627933421749",
                "224421520498247737712322729298499572388",
                "93818216059961495475847147166659679151",
                "6861711156456960504034447273136901951",
                "317208339759658381996075765955364396799",
                "253423114992532614861981627913615465549",
                "307555942684889802314558013562569018113",
                "158795892569270529885923505314648870425",
                "164183774241103682164887089537365760511",
                "273595359538434688439511303466560191615",
                "209004289468925949192202308382117884575",
                "219640445849104293661265381556335644794",
                "167739300652219471366787208970070966327",
                "105861474666818595362880159779047064133",
                "234629022298806735223125698169096913745",
                "277411381474638480386129624368964150883",
                "38244472512904287657046946269019637770",
                "113881175921520652762034040417574155137",
                "7663497596635311250949750754532429116"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2016-5427-86a2e31d",
        "target": {
            "file": "pdns/dnsparser.cc"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 430.0,
            "function_hash": "119830926157982529327753721699322374384"
        },
        "signature_type": "Function",
        "id": "CVE-2016-5427-9116589e",
        "target": {
            "file": "pdns/misc.cc",
            "function": "chopOffDotted"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 157.0,
            "function_hash": "201494151425687124566229460532178142136"
        },
        "signature_type": "Function",
        "id": "CVE-2016-5427-944c9226",
        "target": {
            "file": "pdns/dnsparser.cc",
            "function": "PacketReader::getLabel"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "181632328344395220377559472030462807540",
                "236987670225606885321027315954694042180",
                "129809260883687853675743250620761616960",
                "280303859564270144192609114135470779492",
                "211610218258821069505962204602074386266",
                "183715558143582153046772273329532446919",
                "73567258661609742843166467859579400105",
                "76419677890623618479137435553503771143",
                "75275836938457648641807021376571378803",
                "97853206121996420844189532501138666074",
                "150042922336362238403737705726299700457",
                "320528092379479898763862348487686027264",
                "149885393657184090717334775657689669797",
                "283952187599417710362975471129640852815",
                "93770744145712523750298104897171318374",
                "16303369545357969644039883735816223304",
                "172255641570987239549280883768092565577",
                "84103177289257808400351996336977030524",
                "73928659265986391659906095573856595624",
                "222618908864331382869796708820327693120",
                "73567258661609742843166467859579400105",
                "76419677890623618479137435553503771143",
                "75275836938457648641807021376571378803",
                "97853206121996420844189532501138666074",
                "150042922336362238403737705726299700457",
                "221063562770856429103065150410274246939",
                "261907972103596152924252597753051569543"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2016-5427-976374fe",
        "target": {
            "file": "pdns/misc.cc"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1167.0,
            "function_hash": "58758631302416552483714960344531181482"
        },
        "signature_type": "Function",
        "id": "CVE-2016-5427-ea933828",
        "target": {
            "file": "pdns/dnsparser.cc",
            "function": "PacketReader::getLabelFromContent"
        },
        "source": "https://github.com/powerdns/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
        "deprecated": false
    }
]