Suse · Opensuse Leap · CVE-2016-6172
**Name of the Vulnerable Software and Affected Versions**
PowerDNS (aka pdns) Authoritative Server versions prior to 4.0.1
openSUSE (affected versions not specified)
openSUSE Leap (affected versions not specified)
PowerDNS Authoritative Server (affected versions not specified)
**Description**
The issue allows a remote primary DNS server to cause a denial of service on a secondary DNS server: a large AXFR or IXFR response exhausts the secondary's memory and crashes it.
**Recommendations**
For PowerDNS (aka pdns) Authoritative Server versions prior to 4.0.1, update to version 4.0.1 or later to resolve the issue.
For openSUSE and openSUSE Leap, there is currently no information about a newer version that contains a fix for this vulnerability.
As a temporary workaround, consider restricting large AXFR or IXFR responses from remote primary DNS servers to minimize the risk of exploitation.
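The restriction described above, sketched as an added example (not PowerDNS code and not part of the original advisory): a secondary-side reader that enforces a byte cap on an incoming zone transfer before buffering each message. The names `read_capped_transfer`, `TransferTooLarge` and `make_sample` are hypothetical, and for brevity the reader stops at end of stream instead of detecting the closing SOA record.

```python
import io
import struct


class TransferTooLarge(Exception):
    """The incoming zone transfer exceeded the configured byte cap."""


def read_capped_transfer(stream, max_bytes):
    """Read TCP-framed DNS messages (2-byte big-endian length prefix,
    RFC 1035 section 4.2.2) from a buffered binary stream until EOF.

    The running total is checked against max_bytes *before* each message
    body is read, so an oversized transfer is rejected without being held
    in memory.
    """
    messages = []
    received = 0
    while True:
        header = stream.read(2)
        if not header:
            return messages  # clean end of stream
        if len(header) < 2:
            raise ValueError("truncated length prefix")
        (length,) = struct.unpack("!H", header)
        received += 2 + length
        if received > max_bytes:
            raise TransferTooLarge(
                f"transfer would reach {received} bytes, cap is {max_bytes}"
            )
        body = stream.read(length)
        if len(body) < length:
            raise ValueError("truncated DNS message")
        messages.append(body)


def make_sample(count, size):
    """Constructed sample input: `count` framed messages of `size` filler bytes."""
    return b"".join(struct.pack("!H", size) + b"\x00" * size for _ in range(count))


if __name__ == "__main__":
    ok = read_capped_transfer(io.BytesIO(make_sample(3, 100)), max_bytes=1024)
    print("accepted messages:", len(ok))
    try:
        read_capped_transfer(io.BytesIO(make_sample(20, 100)), max_bytes=1024)
    except TransferTooLarge as exc:
        print("rejected:", exc)
```

With a real socket, wrap it with `sock.makefile("rb")` so that `read(n)` blocks until `n` bytes arrive or the peer closes the connection.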