PowerDNS Authoritative Server up to 4.0.7/4.1.9 Record denial of service

A vulnerability, which was classified as problematic, was found in PowerDNS Authoritative Server up to 4.0.7/4.1.9 (Domain Name Software). This affects an unknown functionality of the component Record Handler. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. This is going to have an impact on availability.

The weakness was published 07/30/2019. It is possible to read the advisory at blog.powerdns.com. This vulnerability is uniquely identified as CVE-2019-10162 since 03/27/2019. The successful exploitation requires a single authentication. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 4.1.10 or 4.1.10 eliminates this vulnerability.

Similar entry is available at 139036.

Type

• Domain Name Software

Vendor

• PowerDNS

Name

• Authoritative Server

• 🔒
• 🔒
• 🔒

• 🔒
• 🔒
• 🔒

VulDB Meta Base Score: 3.5
VulDB Meta Temp Score: 3.4

VulDB Base Score: 3.5
VulDB Temp Score: 3.4
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Denial of service (CWE-404)
Local: Yes
Remote: No

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: Upgrade
Status: 🔍

0-Day Time: 🔒

Upgrade: Authoritative Server 4.1.10/4.1.10

03/27/2019 CVE assigned
07/30/2019 +125 days Advisory disclosed
07/31/2019 +1 days VulDB entry created
07/31/2019 +0 days VulDB last updateAdvisory: blog.powerdns.com

CVE: CVE-2019-10162 (🔒)
See also: 🔒

Created: 07/31/2019 09:53 AM
Complete: 🔍

Comments

Comments are closed.