Test ID:	1.3.6.1.4.1.25623.1.0.112376
Category:	Denial of Service
Title:	PowerDNS Security Advisory 2015-03: Packet parsing bug can lead to crashes
Summary:	A bug was found using afl-fuzz in our packet parsing code.; This bug, when exploited, causes an assertion error and consequent termination of the pdns_server process,; causing a Denial of Service.;; When the PowerDNS Authoritative Server is run inside the guardian (--guardian), or inside a supervisor like; supervisord or systemd, it will be automatically restarted, limiting the impact to a somewhat degraded service.
Description:	Summary: A bug was found using afl-fuzz in our packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the pdns_server process, causing a Denial of Service. When the PowerDNS Authoritative Server is run inside the guardian (--guardian), or inside a supervisor like supervisord or systemd, it will be automatically restarted, limiting the impact to a somewhat degraded service. Affected Software/OS: PowerDNS Authoritative Server 3.4.4 up to and including 3.4.6 are affected. Solution: Update PowerDNS Authoritative Server to version 3.4.7. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5311 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171976.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171865.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172193.html http://www.openwall.com/lists/oss-security/2015/11/09/3 http://www.securitytracker.com/id/1034098
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.