CVE-2019-10162

Name of the Vulnerable Software and Affected Versions PowerDNS Authoritative Server versions prior to 4.1.10 PowerDNS Authoritative Server versions prior to 4.0.8

Description The issue is related to a lack of authorization mechanism in the PowerDNS DNS server's syntax analysis function. This can be exploited by a remote attacker to cause a denial of service when the server looks up NS/A/AAAA records. The problem occurs because the Authoritative Server exits when it encounters a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.

Recommendations For PowerDNS Authoritative Server versions prior to 4.1.10, update to version 4.1.10 or later to resolve the issue. For PowerDNS Authoritative Server versions prior to 4.0.8, update to version 4.0.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the MASTER type zone to minimize the risk of exploitation.