Detections
Analytics
PowerDNS Authoritative Server 3.4.4 / 3.4.5 / 3.4.6 Process Packet Handling DoS
medium Nessus Plugin ID 87947
Language:
Synopsis
The remote name server is affected by a denial of service vulnerability.Description
According to its self-reported version number, the version of the PowerDNS Authoritative Server listening on the remote host is version 3.4.4, 3.4.5, or 3.4.6. It is, therefore, affected by a denial of service vulnerability due to an assertion flaw that is triggered when handling malformed packets. An unauthenticated, remote attacker can exploit this vulnerability, via crafted query packets, to crash the server.Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.
Also, Nessus has not checked for the presence of the patch.
Solution
Upgrade to PowerDNS Authoritative Server 3.4.7 or later.Alternatively, apply the patch referenced in the vendor advisory.
See Also
https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/
Plugin Details
Severity: Medium
ID: 87947
File Name: powerdns_authoritative_3_4_7.nasl
Version: 1.5
Type: remote
Family: DNS
Published: 1/15/2016
Updated: 11/19/2019
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2015-5311
Vulnerability Information
CPE: cpe:/a:powerdns:powerdns, cpe:/a:powerdns:authoritative
Required KB Items: Settings/ParanoidReport, pdns/version_full, pdns/version_source, pdns/type
Exploit Ease: No known exploits are available
Patch Publication Date: 11/3/2015
Vulnerability Publication Date: 11/9/2015
Reference Information
CVE: CVE-2015-5311
BID: 77522