Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.141654
Category:Denial of Service
Title:PowerDNS Authoritative Server Packet Cache Pollution DoS Vulnerability
Summary:An issue has been found in PowerDNS Authoritative Server allowing a remote;user to craft a DNS query that will cause an answer without DNSSEC records to be inserted into the packet cache;and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific;qname and qtype. For a DNSSEC-signed domain, this means that DNSSEC validating clients will consider the answer to;be bogus until it expires from the packet cache, leading to a denial of service.
Description:Summary:
An issue has been found in PowerDNS Authoritative Server allowing a remote
user to craft a DNS query that will cause an answer without DNSSEC records to be inserted into the packet cache
and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific
qname and qtype. For a DNSSEC-signed domain, this means that DNSSEC validating clients will consider the answer to
be bogus until it expires from the packet cache, leading to a denial of service.

Affected Software/OS:
PowerDNS Authoritative Server versions 4.1.0 to 4.1.4.

Solution:
Upgrade to version 4.1.5 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-14626
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.