Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

PowerDNS Authoritative Server DoS Vulnerability

Information

Severity

Severity

Medium

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

7 years ago

Modified

Modified

5 years ago

Share

Summary

PowerDNS Authoritative Server is prone to a denial of service vulnerability.

Insight

Insight

A bug was found in the packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdns_server process, causing a Denial of Service. When the PowerDNS Authoritative Server is run inside the guardian (--guardian), or inside a supervisor like supervisord or systemd, it will be automatically restarted, limiting the impact to a somewhat degraded service.

Affected Software

Affected Software

PowerDNS Authoritative Server 3.4.4 until 3.4.6

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Upgrade to version 3.4.7 or later

Common Vulnerabilities and Exposures (CVE)

References