Описание
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | not-affected | 4.1.6-3build1 |
| disco | ignored | end of life |
| eoan | not-affected | 4.1.6-3build1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 4.1.6-3build1 |
| esm-apps/jammy | not-affected | 4.1.6-3build1 |
| esm-apps/noble | not-affected | 4.1.6-3build1 |
| esm-apps/xenial | needs-triage |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
A vulnerability has been found in PowerDNS Authoritative Server before ...
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
Уязвимость функции синтаксического анализа DNS-сервера PowerDNS, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3