CVE-2014-7210

Critical CVSS: 9.8

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends
are not affected.

Vendor

Debian

Product

Pdns

CWE

CWE-276

Yayın Tarihi

2025-06-26 21:15:27

Güncelleme

2025-08-06 16:38:04

Source Identifier

security@debian.org

KEV Date Added

Kategoriler

CWE-276 Pdns CRITICAL Debian 2025

Referanslar

https://lists.debian.org/debian-lts-announce/2016/05/msg00046.html https://salsa.debian.org/debian/pdns/-/commit/f0de6b3583039bb63344fbd5eb246939264d7b05

Benzer Kayıtlar

Critical

CVE-2025-8454

It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts…

High

CVE-2025-6297

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a…

Critical

CVE-2015-0842

yubiserver before 0.6 is prone to SQL injection issues, potentially leading to an authentication bypass.

Critical

CVE-2015-0843

yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf.

Low

CVE-2015-0849

pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability.

Medium

CVE-2013-1424

Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36c…