ASA-2019-00389 – PowerDNS: Denial of service via NOTIFY packets


Allele Security Alert

ASA-2019-00389

Identifier(s)

ASA-2019-00389, CVE-2019-10163

Title

Denial of service via NOTIFY packets

Vendor(s)

PowerDNS

Product(s)

PowerDNS Authoritative Server

Affected version(s)

PowerDNS Authoritative up to and including 4.1.8

Fixed version(s)

PowerDNS 4.1.9, 4.0.8

Proof of concept

Unknown

Description

An issue has been found in PowerDNS Authoritative Server allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.

Technical details

Unknown

Credits

George Asenov

Reference(s)

PowerDNS Security Advisory 2019-05: Denial of service via NOTIFY packets
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html

CVE-2019-10163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163

CVE-2019-10163
https://nvd.nist.gov/vuln/detail/CVE-2019-10163

If there is any error in this alert, or if you would like a comprehensive analysis, let us know.

Last modified: June 25, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.