CVE-2019-10162
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
Se ha detectado una vulnerabilidad en Authoritative Server de PowerDNS anterior a versiones 4.1.10, 4.0.8, permitiendo a un usuario autorizado causar que el servidor salga mediante la inserción de un registro diseñado en una zona tipo MASTER bajo su control. El problema es debido al hecho de que Authoritative Server se saldrá cuando se encuentre con un error de análisis mientras busca los registros NS/A/AAAA que está por usar para una notificación saliente.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-03-27 CVE Reserved
- 2019-06-23 CVE Published
- 2024-07-23 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (5)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10162 | 2020-10-02 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Powerdns Search vendor "Powerdns" | Authoritative Search vendor "Powerdns" for product "Authoritative" | >= 4.0.0 < 4.0.8 Search vendor "Powerdns" for product "Authoritative" and version " >= 4.0.0 < 4.0.8" | - |
Affected
| ||||||
Powerdns Search vendor "Powerdns" | Authoritative Search vendor "Powerdns" for product "Authoritative" | >= 4.1.0 < 4.1.10 Search vendor "Powerdns" for product "Authoritative" and version " >= 4.1.0 < 4.1.10" | - |
Affected
| ||||||
Powerdns Search vendor "Powerdns" | Authoritative Search vendor "Powerdns" for product "Authoritative" | 4.0.0 Search vendor "Powerdns" for product "Authoritative" and version "4.0.0" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.0 Search vendor "Opensuse" for product "Leap" and version "15.0" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Affected
|