PT-2019-3471 · Powerdns+2 · Powerdns Authoritative Server+2

George Asenov

Published

2019-01-21

Updated

2024-06-15

CVE-2019-10163

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions PowerDNS Authoritative Server versions prior to 4.1.9 PowerDNS Authoritative Server versions prior to 4.0.8

Description The issue is related to an uncontrolled resource consumption in the PowerDNS server. It can be exploited by a remote attacker to cause a denial of service by sending a large number of notifications, potentially leading to a high CPU load or preventing further updates to any slave zone. Only servers configured as slaves are affected by this issue.

Recommendations For PowerDNS Authoritative Server versions prior to 4.1.9, update to version 4.1.9 or later to resolve the issue. For PowerDNS Authoritative Server versions prior to 4.0.8, update to version 4.0.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the NOTIFY messages to minimize the risk of exploitation.

Fix

Allocation of Resources Without Limits

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-400

Related Identifiers

ALT-PU-2020-1325

ALT-PU-2020-1407

BDU:2019-03645

CVE-2019-10163

DLA-1843-1

DSA-4470-1

MGASA-2020-0375

OPENSUSE-SU-2019:1904-1

OPENSUSE-SU-2019:1921-1

OPENSUSE-SU-2019_1904-1

OPENSUSE-SU-2024:11156-1

Affected Products

Alt Linux

Powerdns Authoritative Server

Suse

PT-2019-3471 · Powerdns+2 · Powerdns Authoritative Server+2

CVE-2019-10163

Weakness Enumeration

Related Identifiers

Affected Products

References · 74