Banner object (1)

Hack and Take the Cash !

634 bounties in database
01/08/2016

Reward

PowerDNS

No technology is perfect, and PowerDNS believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you've found a security issue in our products, we encourage you to notify us. We welcome working with you to resolve the issue promptly.
Please note that our websites and infrastructures are in no way part of this program, and are explicitly out of scope.

Disclosure Policy

  • Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.
  • Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.

Bounty Program

To show our appreciation of responsible security researchers, PowerDNS offers a monetary bounty for reports of qualifying security vulnerabilities. Reward amounts will vary based upon the severity of the reported vulnerability, and eligibility is at our sole discretion.

Scope

We are interested in security issues in the following products:

  • PowerDNS Authoritative Server
  • PowerDNS Recursive Server
  • dnsdist

When reporting a vulnerability in one of the aforementioned products, please check that it exists in currently supported versions. You can check our development tree at https://github.com/PowerDNS/pdns __, but please do not report any potential security issue to the public bug tracker.

Rewards

Besides our respect and attribution, PowerDNS may provide rewards to eligible reporters of
qualifying vulnerabilities. Rewards include:

  • PowerDNS-Branded Clothing (T-Shirts, Polo Shirts, Hoodies).
  • Minimum reward of $100 USD for vulnerabilities we consider to be serious but of low-impact, up to a maximum of $5000 USD for the most severe vulnerabilities.

PowerDNS will determine at its discretion whether a reward should be granted and the
amount of the reward. In particular we may choose to pay higher rewards for severe
vulnerabilities or lower rewards for vulnerabilities that are considered less severe. This is not a
contest or competition.

Exclusions

While researching, we'd like to ask you to refrain from:

  • Denial of service
  • Spamming
  • Social engineering (including phishing) of PowerDNS staff or contractors
  • Any physical attempts against PowerDNS property or data centers

Thank you for helping keep PowerDNS and our users safe!

Thanks
Gift
Hall of Fame
Reward


List your Bug Bounty for free immediately!

Contact us if you want more information.

FireBounty (c) 2015-2018