Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

PowerDNS Authoritative Server Denial of Service Vulnerability (2019-06)

Information

Severity

Severity

Medium

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

4.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Solution Type

Solution Type

Mitigation

Created

Created

3 years ago

Modified

Modified

3 years ago

Summary

PowerDNS Authoritative Server is prone to a denial of service vulnerability via crafted zone records.

Insight

Insight

An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it tries to store the notified serial in the PostgreSQL database, if this serial cannot be represented in 31 bits. Note: Just installations using PostgreSQL as a backend are affected.

Affected Software

Affected Software

PowerDNS Authoritative 4.1.10 and prior. Although the advisory is stating that version 4.0.9 and 4.1.11 are not affected they still might be vulnerable if the mitigation steps are not applied.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

See the referenced vendor advisory for mitigation steps.

Common Vulnerabilities and Exposures (CVE)