Detections
Analytics
PowerDNS Recursor 3.6.0 Packet Sequence Handling DoS
medium Nessus Plugin ID 77780
Language:
Synopsis
The remote name server is affected by a denial of service vulnerability.Description
According to its self-reported version number, the version of the PowerDNS Recursor service listening on the remote host is version 3.6.0. It is, therefore, affected by a denial of service vulnerability due to improper handling of malformed packet sequences. An unauthenticated, remote attacker can exploit this to crash the application, resulting in a denial of service condition.Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.
Also, Nessus has not checked for the presence of the patch or the workaround.
Solution
Upgrade to PowerDNS Recursor 3.6.1 or later. Alternatively, apply the patch or workaround referenced in the vendor advisory.See Also
https://doc.powerdns.com/md/security/powerdns-advisory-2014-01/
https://doc.powerdns.com/md/changelog/#changelog-recursor-3.6.1
Plugin Details
Severity: Medium
ID: 77780
File Name: powerdns_3_6_1.nasl
Version: 1.5
Type: remote
Family: DNS
Published: 9/22/2014
Updated: 11/25/2019
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2014-3614
Vulnerability Information
CPE: cpe:/a:powerdns:powerdns, cpe:/a:powerdns:powerdns_recursor
Required KB Items: Settings/ParanoidReport, pdns/version_full, pdns/version_source, pdns/type
Exploit Ease: No known exploits are available
Patch Publication Date: 9/10/2014
Vulnerability Publication Date: 9/10/2014
Reference Information
CVE: CVE-2014-3614
BID: 69778