Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
PowerDNS Recursor < 4.1.18, 4.2.0 < 4.2.4, 4.3.0 < 4.3.4 DoS Vulnerability
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
PowerDNS Recursor is prone to a denial of service vulnerability.
Insight
Insight
An issue has been found in PowerDNS Recursor where a remote attacker can cause the cached records for a given name to be updated to the 'Bogus' DNSSEC validation state, instead of their actual DNSSEC 'Secure' state, via a DNS ANY query. This results in a denial of service for installations that always validate (dnssec=validate) and for clients requesting validation when on-demand validation is enabled (dnssec=process).
Affected Software
Affected Software
PowerDNS Recursor version 4.1.17 and prior, 4.2.0 - 4.2.4 and 4.3.0 - 4.3.4.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 4.1.18, 4.2.5, 4.3.5 or later.