Denial of Service Vulnerability in PowerDNS Authoritative Server
CVE-2015-5311

Currently unrated

Key Information:

Vendor: Powerdns
Status: Authoritative
Vendor: CVE Published:; 17 November 2015

Summary

The PowerDNS Authoritative Server, specifically versions 3.4.4 and earlier, is susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending specially crafted query packets, leading to assertion failures that cause the server to crash. This impacts server availability, making it imperative for users to upgrade to versions 3.4.7 or higher to mitigate the risk. Security advisories have been released to inform users of the steps necessary for remediation.

References

http://www.openwall.com/lists/oss-security/2015/11/09/3

mailing-listx_refsource_MLIST

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.securitytracker.com/id/1034098

vdb-entryx_refsource_SECTRACK

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 17, 2015
Vulnerability Reserved
Jul 1, 2015