ID de Prueba:	1.3.6.1.4.1.25623.1.0.142678
Categoría:	Denial of Service
Título:	PowerDNS Authoritative Server Denial of Service Vulnerability (2019-06)
Resumen:	PowerDNS Authoritative Server is prone to a denial of service vulnerability; via crafted zone records.
Descripción:	Summary: PowerDNS Authoritative Server is prone to a denial of service vulnerability via crafted zone records. Vulnerability Insight: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it tries to store the notified serial in the PostgreSQL database, if this serial cannot be represented in 31 bits. Note: Just installations using PostgreSQL as a backend are affected. Affected Software/OS: PowerDNS Authoritative 4.1.10 and prior. Although the advisory is stating that version 4.0.9 and 4.1.11 are not affected they still might be vulnerable if the mitigation steps are not applied. Solution: See the referenced vendor advisory for mitigation steps. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-10203 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10203 https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.