CVE-2016-6172

Name: CVE-2016-6172
Creator: NVD / NIST
Published: 2016-09-26T16:59:04.947+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.86%

Last modified Jun 17, 2026

CVE-2016-6172 is a vulnerability of currently unknown severity. PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.. EPSS estimates a 3.86% chance of exploitation in the next 30 days.

Description

PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.

Metrics

EPSS Probability

3.86%

88.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-400

Affected Software

Vendor	Product	Versions
Opensuse	Leap	42.1
Opensuse	Opensuse	13.2
Powerdns	Authoritative Server	<= 4.0.0

References

http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.htmlThird Party Advisory
http://www.debian.org/security/2016/dsa-3664
http://www.openwall.com/lists/oss-security/2016/07/06/3Mailing List
http://www.securityfocus.com/bid/91678
http://www.securitytracker.com/id/1036242
https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401Release Notes
https://github.com/PowerDNS/pdns/issues/4128Issue Tracking
https://github.com/PowerDNS/pdns/issues/4133Issue Tracking
https://github.com/PowerDNS/pdns/pull/4134Issue Tracking
https://github.com/sischkg/xfer-limit/blob/master/README.mdPatch
https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.htmlMailing List, Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-08/msg00085.htmlThird Party Advisory
http://www.debian.org/security/2016/dsa-3664
http://www.openwall.com/lists/oss-security/2016/07/06/3Mailing List
http://www.securityfocus.com/bid/91678
http://www.securitytracker.com/id/1036242
https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-401Release Notes
https://github.com/PowerDNS/pdns/issues/4128Issue Tracking
https://github.com/PowerDNS/pdns/issues/4133Issue Tracking
https://github.com/PowerDNS/pdns/pull/4134Issue Tracking
https://github.com/sischkg/xfer-limit/blob/master/README.mdPatch
https://lists.dns-oarc.net/pipermail/dns-operations/2016-July/015058.htmlMailing List, Third Party Advisory

Timeline

Published: Sep 26, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-6172?

How severe is CVE-2016-6172?

Severity scoring for CVE-2016-6172 is pending analysis. The EPSS model estimates a 3.86% probability of exploitation in the next 30 days.

How do I fix CVE-2016-6172?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-6172?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST