Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-10995

Опубликовано: 19 мая 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is triggered by random subdomains in the NSDNAME in NS records. PowerDNS Recursor 4.1.16, 4.2.2 and 4.3.1 contain a mitigation to limit the impact of this DNS protocol issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
Версия от 4.1.0 (включая) до 4.3.0 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 26%
0.00091
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

ubuntu логотип

CVE-2020-10995

CVSS3: 7.5
ubuntu
больше 5 лет назад

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is triggered by random subdomains in the NSDNAME in NS records. PowerDNS Recursor 4.1.16, 4.2.2 and 4.3.1 contain a mitigation to limit the impact of this DNS protocol issue.

debian логотип

CVE-2020-10995

CVSS3: 7.5
debian
больше 5 лет назад

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not suffic ...

github логотип

GHSA-g5gv-j2x8-cxr2

CVSS3: 7.5
github
больше 3 лет назад

PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is triggered by random subdomains in the NSDNAME in NS records. PowerDNS Recursor 4.1.16, 4.2.2 and 4.3.1 contain a mitigation to limit the impact of this DNS protocol issue.

suse-cvrf логотип

openSUSE-SU-2020:0698-1

suse-cvrf
больше 5 лет назад

Security update for pdns-recursor

EPSS

Процентиль: 26%
0.00091
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400