VDB

GCVE-110-MAGEIA-2018-252

GCVE-110-MAGEIA-2018-252
Advisory Published
Vulnetix · Advisory published May 24, 2018
An issue has been found in the DNSSEC validation component of PowerDNS Recursor, allowing an ancestor delegation NSEC or NSEC3 record to be used to wrongfully prove the non-existence of a RR below the owner name of that record. This would allow an attacker in position of man-in-the-middle to send a NXDOMAIN answer for a name that does exist (CVE-2018-1000003).

Affected Products

VendorProductVersionsPlatforms
Mageiapdns-recursor0 (affected), 4.1.2-3.mga6 (unaffected)

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›