Test ID:	1.3.6.1.4.1.25623.1.0.142678
Category:	Denial of Service
Title:	PowerDNS Authoritative Server Denial of Service Vulnerability (2019-06)
Summary:	PowerDNS Authoritative Server is prone to a denial of service vulnerability; via crafted zone records.
Description:	Summary: PowerDNS Authoritative Server is prone to a denial of service vulnerability via crafted zone records. Vulnerability Insight: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it tries to store the notified serial in the PostgreSQL database, if this serial cannot be represented in 31 bits. Note: Just installations using PostgreSQL as a backend are affected. Affected Software/OS: PowerDNS Authoritative 4.1.10 and prior. Although the advisory is stating that version 4.0.9 and 4.1.11 are not affected they still might be vulnerable if the mitigation steps are not applied. Solution: See the referenced vendor advisory for mitigation steps. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-10203 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10203 https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.