Hello researchers,

we've added a new tier dedicated to our registrant portal. The portal is only accessible for .eu registrants, meaning you'll need to register a .eu domain name to access the portal. For any accepted finding rated "high" or higher we'll add the cost of the domain names to the bounty.

For more information, please check the programme description.

Looking forward to your findings.

Thanks to the your excellent work, the YADIFA developers have been fixing some issues in our authoritative name server.

Versio 2.5.3 has been publised today fixing some reported issues.

See: https://www.yadifa.eu/download

Looking forward at new findings.

Hello researchers.

For those willing to dig into some C code, here's a new challenge.

EURid released in 2012 an open source authoritative name server called YADIFA (https://www.yadifa.eu). Today we're adding it to our public bug bounty program.

Authoritative name servers are a critical core component of Internet infrastructure and 10 years ago, only a few different authorititative name servers existed with tested and tried support for DNSSEC. That's the reason why we ventured in developing our own name server, YADIFA.

We understand this is a very different type of challenge and requires not only skills and talents in the C language but also a good understanding of how authoritative name servers work. Contrary to the rest of our program, we're using the CVSSv3.1 scoring for issues found and we mostly focus on anything "high" and higher. See also: https://kb.intigriti.com/en/articles/5041991-intigriti-s-contextual-cvss-standard.

Success!