ID de Prueba:	1.3.6.1.4.1.25623.1.0.118454
Categoría:	Denial of Service
Título:	PowerDNS Recursor DoS Vulnerability (2023-01)
Resumen:	PowerDNS Recursor is prone to a denial of service (DoS); vulnerability.
Descripción:	Summary: PowerDNS Recursor is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: An issue in the processing of queries for misconfigured domains has been found in PowerDNS Recursor 4.8.0, allowing a remote attacker to crash the recursor by sending a DNS query for one of these domains. The issue happens because the recursor enters an unbounded loop, exceeding its stack memory. Because of the specific way in which this issue happens, the vendor does not believe this issue to be exploitable for code execution. Note: PowerDNS Recursor versions before 4.8.0 are not affected. Note that when the PowerDNS Recursor is run inside a supervisor like supervisord or systemd, a crash will lead to an automatic restart, limiting the impact to a somewhat degraded service. Affected Software/OS: PowerDNS Recursor version 4.8.0. Solution: Update to version 4.8.1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-22617 https://docs.powerdns.com/recursor/security-advisories/ http://www.openwall.com/lists/oss-security/2023/01/20/1
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.