Test Kennung:	1.3.6.1.4.1.25623.1.0.118454
Kategorie:	Denial of Service
Titel:	PowerDNS Recursor DoS Vulnerability (2023-01)
Zusammenfassung:	PowerDNS Recursor is prone to a denial of service (DoS); vulnerability.
Beschreibung:	Summary: PowerDNS Recursor is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: An issue in the processing of queries for misconfigured domains has been found in PowerDNS Recursor 4.8.0, allowing a remote attacker to crash the recursor by sending a DNS query for one of these domains. The issue happens because the recursor enters an unbounded loop, exceeding its stack memory. Because of the specific way in which this issue happens, the vendor does not believe this issue to be exploitable for code execution. Note: PowerDNS Recursor versions before 4.8.0 are not affected. Note that when the PowerDNS Recursor is run inside a supervisor like supervisord or systemd, a crash will lead to an automatic restart, limiting the impact to a somewhat degraded service. Affected Software/OS: PowerDNS Recursor version 4.8.0. Solution: Update to version 4.8.1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-22617 https://docs.powerdns.com/recursor/security-advisories/ http://www.openwall.com/lists/oss-security/2023/01/20/1
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.