QID 375500
Date Published: 2021-04-29
QID 375500: PowerDNS Authoritative Server Information Disclosure Vulnerability
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response
Affected Versions:
PowerDNS Authoritative Server before 4.0.7 and before 4.1.7
QID Detection Logic (Authenticated):
This QID checks for the vulnerable version of PowerDNS Authoritative Server and checks version using remote package command.
An issue in the DNS protocol has been found that allow malicious parties to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers.
- PowerDNS Authoritative Server -
doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
CVEs related to QID 375500
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CVE-2019-3871 |
doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html |