PowerDNS Authoritative Server Vulnerability Allows Authorized User to Crash Server
CVE-2019-10162

3.5LOW

Key Information:

Vendor

Powerdns

Status
Pdns
Vendor
CVE Published:
30 July 2019

What is CVE-2019-10162?

A vulnerability exists in the PowerDNS Authoritative Server versions prior to 4.1.10 and 4.0.8 that allows an authorized user to crash the server. This occurs when the server encounters a parsing error while processing a crafted record in a MASTER type zone controlled by the user. Due to this flaw, the server exits unexpectedly, leading to potential disruptions in service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

pdns fixed in 4.1.10

pdns fixed in 4.0.8

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10162
x_refsource_CONFIRM
https://blog.powerdns.com/2019/06/21/powerdns-authoritati...
x_refsource_CONFIRM
https://doc.powerdns.com/authoritative/security-advisorie...
x_refsource_MISC

CVSS V3.1

Score:
3.5
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.