{"id":"CVE-2018-1046","details":"pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.","modified":"2026-03-14T09:25:58.447327Z","published":"2018-07-16T20:29:00.317Z","related":["MGASA-2018-0255","SUSE-SU-2018:1660-1","openSUSE-SU-2018:1462-1","openSUSE-SU-2024:11156-1"],"references":[{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1046"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/powerdns/pdns","events":[{"introduced":"0"},{"fixed":"431819add3aab0ee9d23173395690b6165e128e1"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.1.2"}]}}],"versions":["auth-3.1-rc1","auth-3.1-rc2","auth-3.1-rc3","auth-3.2-rc1","auth-3.2-rc2","auth-3.2-rc3","auth-3.2-rc4","auth-3.3","auth-3.3-rc1","auth-3.3-rc2","auth-3.4.0","auth-3.4.0-rc1","auth-3.4.0-rc2","auth-4.0.0","auth-4.0.0-alpha1","auth-4.0.0-alpha2","auth-4.0.0-alpha3","auth-4.0.0-beta1","auth-4.0.0-rc1","auth-4.0.0-rc2","auth-4.0.1","auth-4.1.0","auth-4.1.0-rc1","auth-4.1.0-rc2","auth-4.1.0-rc3","dnsdist-1.0.0","dnsdist-1.0.0-alpha1","dnsdist-1.0.0-alpha2","dnsdist-1.0.0-beta1","dnsdist-1.1.0","dnsdist-1.1.0-beta1","dnsdist-1.1.0-beta2","dnsdist-1.2.0","rec-3-0","rec-3-0-1","rec-3.0","rec-3.0.1","rec-3.1.4","rec-3.3.1","rec-3.5","rec-3.5-rc1","rec-3.5-rc3","rec-3.5-rc4","rec-3.5-rc5","rec-3.6.0","rec-3.6.0-rc1","rec-3.7.0","rec-3.7.0-rc1","rec-3.7.0-rc2","rec-4.0.0","rec-4.0.0-alpha1","rec-4.0.0-alpha2","rec-4.0.0-alpha3","rec-4.0.0-beta1","rec-4.0.0-rc1","rec-4.0.1","rec-4.0.2","rec-4.1.0","rec-4.1.0-alpha1","rec-4.1.0-rc1","rec-4.1.0-rc2","rec-4.1.0-rc3","rec-4.1.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1046.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}